1. from django.conf import settings

  2. from django.contrib.auth import models

  3. from django.contrib.auth.decorators import login_required, permission_required

  4. from django.core.exceptions import PermissionDenied

  5. from django.http import HttpResponse

  6. from django.test import TestCase, override_settings

  7. from django.test.client import RequestFactory

  8. 

  9. from .test_views import AuthViewsTestCase

  10. 

  11. 

  12. @override_settings(ROOT_URLCONF="auth_tests.urls")

  13. class LoginRequiredTestCase(AuthViewsTestCase):

  14.     """

  15.     Tests the login_required decorators

  16.     """

  17. 

  18.     def test_callable(self):

  19.         """

  20.         login_required is assignable to callable objects.

  21.         """

  22. 

  23.         class CallableView:

  24.             def __call__(self, *args, **kwargs):

  25.                 pass

  26. 

  27.         login_required(CallableView())

  28. 

  29.     def test_view(self):

  30.         """

  31.         login_required is assignable to normal views.

  32.         """

  33. 

  34.         def normal_view(request):

  35.             pass

  36. 

  37.         login_required(normal_view)

  38. 

  39.     def test_login_required(self, view_url="/login_required/", login_url=None):

  40.         """

  41.         login_required works on a simple view wrapped in a login_required

  42.         decorator.

  43.         """

  44.         if login_url is None:

  45.             login_url = settings.LOGIN_URL

  46.         response = self.client.get(view_url)

  47.         self.assertEqual(response.status_code, 302)

  48.         self.assertIn(login_url, response.url)

  49.         self.login()

  50.         response = self.client.get(view_url)

  51.         self.assertEqual(response.status_code, 200)

  52. 

  53.     def test_login_required_next_url(self):

  54.         """

  55.         login_required works on a simple view wrapped in a login_required

  56.         decorator with a login_url set.

  57.         """

  58.         self.test_login_required(

  59.             view_url="/login_required_login_url/", login_url="/somewhere/"

  60.         )

  61. 

  62. 

  63. class PermissionsRequiredDecoratorTest(TestCase):

  64.     """

  65.     Tests for the permission_required decorator

  66.     """

  67. 

  68.     factory = RequestFactory()

  69. 

  70.     @classmethod

  71.     def setUpTestData(cls):

  72.         cls.user = models.User.objects.create(username="joe", password="qwerty")

  73.         # Add permissions auth.add_customuser and auth.change_customuser

  74.         perms = models.Permission.objects.filter(

  75.             codename__in=("add_customuser", "change_customuser")

  76.         )

  77.         cls.user.user_permissions.add(*perms)

  78. 

  79.     def test_many_permissions_pass(self):

  80.         @permission_required(

  81.             ["auth_tests.add_customuser", "auth_tests.change_customuser"]

  82.         )

  83.         def a_view(request):

  84.             return HttpResponse()

  85. 

  86.         request = self.factory.get("/rand")

  87.         request.user = self.user

  88.         resp = a_view(request)

  89.         self.assertEqual(resp.status_code, 200)

  90. 

  91.     def test_many_permissions_in_set_pass(self):

  92.         @permission_required(

  93.             {"auth_tests.add_customuser", "auth_tests.change_customuser"}

  94.         )

  95.         def a_view(request):

  96.             return HttpResponse()

  97. 

  98.         request = self.factory.get("/rand")

  99.         request.user = self.user

  100.         resp = a_view(request)

  101.         self.assertEqual(resp.status_code, 200)

  102. 

  103.     def test_single_permission_pass(self):

  104.         @permission_required("auth_tests.add_customuser")

  105.         def a_view(request):

  106.             return HttpResponse()

  107. 

  108.         request = self.factory.get("/rand")

  109.         request.user = self.user

  110.         resp = a_view(request)

  111.         self.assertEqual(resp.status_code, 200)

  112. 

  113.     def test_permissioned_denied_redirect(self):

  114.         @permission_required(

  115.             [

  116.                 "auth_tests.add_customuser",

  117.                 "auth_tests.change_customuser",

  118.                 "nonexistent-permission",

  119.             ]

  120.         )

  121.         def a_view(request):

  122.             return HttpResponse()

  123. 

  124.         request = self.factory.get("/rand")

  125.         request.user = self.user

  126.         resp = a_view(request)

  127.         self.assertEqual(resp.status_code, 302)

  128. 

  129.     def test_permissioned_denied_exception_raised(self):

  130.         @permission_required(

  131.             [

  132.                 "auth_tests.add_customuser",

  133.                 "auth_tests.change_customuser",

  134.                 "nonexistent-permission",

  135.             ],

  136.             raise_exception=True,

  137.         )

  138.         def a_view(request):

  139.             return HttpResponse()

  140. 

  141.         request = self.factory.get("/rand")

  142.         request.user = self.user

  143.         with self.assertRaises(PermissionDenied):

  144.             a_view(request)
About Sign Up Leave Feedback Contact