diff -r 000000000000 -r 0d40e90630ef web/lib/django/contrib/auth/tests/views.py --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/web/lib/django/contrib/auth/tests/views.py Wed Jan 20 00:34:04 2010 +0100 @@ -0,0 +1,243 @@ +import os +import re + +from django.conf import settings +from django.contrib.auth import SESSION_KEY +from django.contrib.auth.forms import AuthenticationForm +from django.contrib.sites.models import Site, RequestSite +from django.contrib.auth.models import User +from django.test import TestCase +from django.core import mail +from django.core.urlresolvers import reverse + +class AuthViewsTestCase(TestCase): + """ + Helper base class for all the follow test cases. + """ + fixtures = ['authtestdata.json'] + urls = 'django.contrib.auth.urls' + + def setUp(self): + self.old_LANGUAGES = settings.LANGUAGES + self.old_LANGUAGE_CODE = settings.LANGUAGE_CODE + settings.LANGUAGES = (('en', 'English'),) + settings.LANGUAGE_CODE = 'en' + self.old_TEMPLATE_DIRS = settings.TEMPLATE_DIRS + settings.TEMPLATE_DIRS = ( + os.path.join( + os.path.dirname(__file__), + 'templates' + ) + ,) + + def tearDown(self): + settings.LANGUAGES = self.old_LANGUAGES + settings.LANGUAGE_CODE = self.old_LANGUAGE_CODE + settings.TEMPLATE_DIRS = self.old_TEMPLATE_DIRS + +class PasswordResetTest(AuthViewsTestCase): + + def setUp(self): + self.old_LANGUAGES = settings.LANGUAGES + self.old_LANGUAGE_CODE = settings.LANGUAGE_CODE + settings.LANGUAGES = (('en', 'English'),) + settings.LANGUAGE_CODE = 'en' + + def tearDown(self): + settings.LANGUAGES = self.old_LANGUAGES + settings.LANGUAGE_CODE = self.old_LANGUAGE_CODE + + def test_email_not_found(self): + "Error is raised if the provided email address isn't currently registered" + response = self.client.get('/password_reset/') + self.assertEquals(response.status_code, 200) + response = self.client.post('/password_reset/', {'email': 'not_a_real_email@email.com'}) + self.assertContains(response, "That e-mail address doesn't have an associated user account") + self.assertEquals(len(mail.outbox), 0) + + def test_email_found(self): + "Email is sent if a valid email address is provided for password reset" + response = self.client.post('/password_reset/', {'email': 'staffmember@example.com'}) + self.assertEquals(response.status_code, 302) + self.assertEquals(len(mail.outbox), 1) + self.assert_("http://" in mail.outbox[0].body) + + def _test_confirm_start(self): + # Start by creating the email + response = self.client.post('/password_reset/', {'email': 'staffmember@example.com'}) + self.assertEquals(response.status_code, 302) + self.assertEquals(len(mail.outbox), 1) + return self._read_signup_email(mail.outbox[0]) + + def _read_signup_email(self, email): + urlmatch = re.search(r"https?://[^/]*(/.*reset/\S*)", email.body) + self.assert_(urlmatch is not None, "No URL found in sent email") + return urlmatch.group(), urlmatch.groups()[0] + + def test_confirm_valid(self): + url, path = self._test_confirm_start() + response = self.client.get(path) + # redirect to a 'complete' page: + self.assertEquals(response.status_code, 200) + self.assert_("Please enter your new password" in response.content) + + def test_confirm_invalid(self): + url, path = self._test_confirm_start() + # Let's munge the token in the path, but keep the same length, + # in case the URLconf will reject a different length. + path = path[:-5] + ("0"*4) + path[-1] + + response = self.client.get(path) + self.assertEquals(response.status_code, 200) + self.assert_("The password reset link was invalid" in response.content) + + def test_confirm_invalid_post(self): + # Same as test_confirm_invalid, but trying + # to do a POST instead. + url, path = self._test_confirm_start() + path = path[:-5] + ("0"*4) + path[-1] + + response = self.client.post(path, {'new_password1': 'anewpassword', + 'new_password2':' anewpassword'}) + # Check the password has not been changed + u = User.objects.get(email='staffmember@example.com') + self.assert_(not u.check_password("anewpassword")) + + def test_confirm_complete(self): + url, path = self._test_confirm_start() + response = self.client.post(path, {'new_password1': 'anewpassword', + 'new_password2': 'anewpassword'}) + # It redirects us to a 'complete' page: + self.assertEquals(response.status_code, 302) + # Check the password has been changed + u = User.objects.get(email='staffmember@example.com') + self.assert_(u.check_password("anewpassword")) + + # Check we can't use the link again + response = self.client.get(path) + self.assertEquals(response.status_code, 200) + self.assert_("The password reset link was invalid" in response.content) + + def test_confirm_different_passwords(self): + url, path = self._test_confirm_start() + response = self.client.post(path, {'new_password1': 'anewpassword', + 'new_password2':' x'}) + self.assertEquals(response.status_code, 200) + self.assert_("The two password fields didn't match" in response.content) + +class ChangePasswordTest(AuthViewsTestCase): + + def login(self, password='password'): + response = self.client.post('/login/', { + 'username': 'testclient', + 'password': password + } + ) + self.assertEquals(response.status_code, 302) + self.assert_(response['Location'].endswith(settings.LOGIN_REDIRECT_URL)) + + def fail_login(self, password='password'): + response = self.client.post('/login/', { + 'username': 'testclient', + 'password': password + } + ) + self.assertEquals(response.status_code, 200) + self.assert_("Please enter a correct username and password. Note that both fields are case-sensitive." in response.content) + + def logout(self): + response = self.client.get('/logout/') + + def test_password_change_fails_with_invalid_old_password(self): + self.login() + response = self.client.post('/password_change/', { + 'old_password': 'donuts', + 'new_password1': 'password1', + 'new_password2': 'password1', + } + ) + self.assertEquals(response.status_code, 200) + self.assert_("Your old password was entered incorrectly. Please enter it again." in response.content) + + def test_password_change_fails_with_mismatched_passwords(self): + self.login() + response = self.client.post('/password_change/', { + 'old_password': 'password', + 'new_password1': 'password1', + 'new_password2': 'donuts', + } + ) + self.assertEquals(response.status_code, 200) + self.assert_("The two password fields didn't match." in response.content) + + def test_password_change_succeeds(self): + self.login() + response = self.client.post('/password_change/', { + 'old_password': 'password', + 'new_password1': 'password1', + 'new_password2': 'password1', + } + ) + self.assertEquals(response.status_code, 302) + self.assert_(response['Location'].endswith('/password_change/done/')) + self.fail_login() + self.login(password='password1') + +class LoginTest(AuthViewsTestCase): + + def test_current_site_in_context_after_login(self): + response = self.client.get(reverse('django.contrib.auth.views.login')) + self.assertEquals(response.status_code, 200) + site = Site.objects.get_current() + self.assertEquals(response.context['site'], site) + self.assertEquals(response.context['site_name'], site.name) + self.assert_(isinstance(response.context['form'], AuthenticationForm), + 'Login form is not an AuthenticationForm') + +class LogoutTest(AuthViewsTestCase): + urls = 'django.contrib.auth.tests.urls' + + def login(self, password='password'): + response = self.client.post('/login/', { + 'username': 'testclient', + 'password': password + } + ) + self.assertEquals(response.status_code, 302) + self.assert_(response['Location'].endswith(settings.LOGIN_REDIRECT_URL)) + self.assert_(SESSION_KEY in self.client.session) + + def confirm_logged_out(self): + self.assert_(SESSION_KEY not in self.client.session) + + def test_logout_default(self): + "Logout without next_page option renders the default template" + self.login() + response = self.client.get('/logout/') + self.assertEquals(200, response.status_code) + self.assert_('Logged out' in response.content) + self.confirm_logged_out() + + def test_logout_with_next_page_specified(self): + "Logout with next_page option given redirects to specified resource" + self.login() + response = self.client.get('/logout/next_page/') + self.assertEqual(response.status_code, 302) + self.assert_(response['Location'].endswith('/somewhere/')) + self.confirm_logged_out() + + def test_logout_with_redirect_argument(self): + "Logout with query string redirects to specified resource" + self.login() + response = self.client.get('/logout/?next=/login/') + self.assertEqual(response.status_code, 302) + self.assert_(response['Location'].endswith('/login/')) + self.confirm_logged_out() + + def test_logout_with_custom_redirect_argument(self): + "Logout with custom query string redirects to specified resource" + self.login() + response = self.client.get('/logout/custom_query/?follow=/somewhere/') + self.assertEqual(response.status_code, 302) + self.assert_(response['Location'].endswith('/somewhere/')) + self.confirm_logged_out()