diff options
| author | Vincenzo Pandolfo <pandolfovince@gmail.com> | 2016-03-14 20:21:05 +0000 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2016-03-14 20:24:19 -0400 |
| commit | c6424efbc6114eeefe7ec7545de7e127ed189e92 (patch) | |
| tree | 40fbd706c200913814c4be6837940dffeef23da6 /tests/auth_tests/test_forms.py | |
| parent | b50e4ffe7eb9d8797d38f28ae3f51fb443056214 (diff) | |
[1.9.x] Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields.
Backport of d0fe6c915665fa3220e84bd691ba7002a357e5c5 from master
Diffstat (limited to 'tests/auth_tests/test_forms.py')
| -rw-r--r-- | tests/auth_tests/test_forms.py | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/tests/auth_tests/test_forms.py b/tests/auth_tests/test_forms.py index 918fe3801a..e902cdd339 100644 --- a/tests/auth_tests/test_forms.py +++ b/tests/auth_tests/test_forms.py @@ -169,6 +169,17 @@ class UserCreationFormTest(TestDataMixin, TestCase): form = CustomUserCreationForm(data) self.assertTrue(form.is_valid()) + def test_password_whitespace_not_stripped(self): + data = { + 'username': 'testuser', + 'password1': ' testpassword ', + 'password2': ' testpassword ', + } + form = UserCreationForm(data) + self.assertTrue(form.is_valid()) + self.assertEqual(form.cleaned_data['password1'], data['password1']) + self.assertEqual(form.cleaned_data['password2'], data['password2']) + @override_settings(USE_TZ=False, PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher']) class AuthenticationFormTest(TestDataMixin, TestCase): @@ -279,6 +290,15 @@ class AuthenticationFormTest(TestDataMixin, TestCase): form = CustomAuthenticationForm() self.assertEqual(form.fields['username'].label, "") + def test_password_whitespace_not_stripped(self): + data = { + 'username': 'testuser', + 'password': ' pass ', + } + form = AuthenticationForm(None, data) + form.is_valid() # Not necessary to have valid credentails for the test. + self.assertEqual(form.cleaned_data['password'], data['password']) + @override_settings(USE_TZ=False, PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher']) class SetPasswordFormTest(TestDataMixin, TestCase): @@ -330,6 +350,17 @@ class SetPasswordFormTest(TestDataMixin, TestCase): form["new_password2"].errors ) + def test_password_whitespace_not_stripped(self): + user = User.objects.get(username='testclient') + data = { + 'new_password1': ' password ', + 'new_password2': ' password ', + } + form = SetPasswordForm(user, data) + self.assertTrue(form.is_valid()) + self.assertEqual(form.cleaned_data['new_password1'], data['new_password1']) + self.assertEqual(form.cleaned_data['new_password2'], data['new_password2']) + @override_settings(USE_TZ=False, PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher']) class PasswordChangeFormTest(TestDataMixin, TestCase): @@ -381,6 +412,20 @@ class PasswordChangeFormTest(TestDataMixin, TestCase): self.assertEqual(list(PasswordChangeForm(user, {}).fields), ['old_password', 'new_password1', 'new_password2']) + def test_password_whitespace_not_stripped(self): + user = User.objects.get(username='testclient') + user.set_password(' oldpassword ') + data = { + 'old_password': ' oldpassword ', + 'new_password1': ' pass ', + 'new_password2': ' pass ', + } + form = PasswordChangeForm(user, data) + self.assertTrue(form.is_valid()) + self.assertEqual(form.cleaned_data['old_password'], data['old_password']) + self.assertEqual(form.cleaned_data['new_password1'], data['new_password1']) + self.assertEqual(form.cleaned_data['new_password2'], data['new_password2']) + @override_settings(USE_TZ=False, PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher']) class UserChangeFormTest(TestDataMixin, TestCase): @@ -673,3 +718,14 @@ class AdminPasswordChangeFormTest(TestDataMixin, TestCase): self.assertEqual(password_changed.call_count, 0) form.save() self.assertEqual(password_changed.call_count, 1) + + def test_password_whitespace_not_stripped(self): + user = User.objects.get(username='testclient') + data = { + 'password1': ' pass ', + 'password2': ' pass ', + } + form = AdminPasswordChangeForm(user, data) + self.assertTrue(form.is_valid()) + self.assertEqual(form.cleaned_data['password1'], data['password1']) + self.assertEqual(form.cleaned_data['password2'], data['password2']) |
