diff options
| author | Jannis Leidel <jannis@leidel.info> | 2010-12-02 00:44:35 +0000 |
|---|---|---|
| committer | Jannis Leidel <jannis@leidel.info> | 2010-12-02 00:44:35 +0000 |
| commit | cc64fb5c4b4315a4ad66e21458e27ece57266847 (patch) | |
| tree | 2f83c93a64b5abc395282eca9d17fc8b335fed1a /tests | |
| parent | 07705ca12982b6a87cfd9f62723153fb94f151b2 (diff) | |
Fixed #8342 -- Removed code from the admin that assumed that you can't login with an email address (nixed by r12634). Also refactored login code slightly to be DRY by using more of auth app's forms and views.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14769 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/regressiontests/admin_views/customadmin.py | 3 | ||||
| -rw-r--r-- | tests/regressiontests/admin_views/forms.py | 10 | ||||
| -rw-r--r-- | tests/regressiontests/admin_views/tests.py | 166 |
3 files changed, 118 insertions, 61 deletions
diff --git a/tests/regressiontests/admin_views/customadmin.py b/tests/regressiontests/admin_views/customadmin.py index 8cd262b860..c31d3794cd 100644 --- a/tests/regressiontests/admin_views/customadmin.py +++ b/tests/regressiontests/admin_views/customadmin.py @@ -5,9 +5,10 @@ from django.conf.urls.defaults import patterns from django.contrib import admin from django.http import HttpResponse -import models +import models, forms class Admin2(admin.AdminSite): + login_form = forms.CustomAdminAuthenticationForm login_template = 'custom_admin/login.html' logout_template = 'custom_admin/logout.html' index_template = 'custom_admin/index.html' diff --git a/tests/regressiontests/admin_views/forms.py b/tests/regressiontests/admin_views/forms.py new file mode 100644 index 0000000000..a030c2a8d0 --- /dev/null +++ b/tests/regressiontests/admin_views/forms.py @@ -0,0 +1,10 @@ +from django import forms +from django.contrib.admin.forms import AdminAuthenticationForm + +class CustomAdminAuthenticationForm(AdminAuthenticationForm): + + def clean_username(self): + username = self.cleaned_data.get('username') + if username == 'customform': + raise forms.ValidationError('custom form error') + return username diff --git a/tests/regressiontests/admin_views/tests.py b/tests/regressiontests/admin_views/tests.py index 79a29d8ab0..6b4f65b497 100644 --- a/tests/regressiontests/admin_views/tests.py +++ b/tests/regressiontests/admin_views/tests.py @@ -5,7 +5,7 @@ import datetime from django.conf import settings from django.core import mail from django.core.files import temp as tempfile -from django.contrib.auth import admin # Register auth models with the admin. +from django.contrib.auth import REDIRECT_FIELD_NAME, admin # Register auth models with the admin. from django.contrib.auth.models import User, Permission, UNUSABLE_PASSWORD from django.contrib.contenttypes.models import ContentType from django.contrib.admin.models import LogEntry, DELETION @@ -377,6 +377,19 @@ class SaveAsTests(TestCase): class CustomModelAdminTest(AdminViewBasicTest): urlbit = "admin2" + def testCustomAdminSiteLoginForm(self): + self.client.logout() + request = self.client.get('/test_admin/admin2/') + self.failUnlessEqual(request.status_code, 200) + login = self.client.post('/test_admin/admin2/', { + REDIRECT_FIELD_NAME: '/test_admin/admin2/', + LOGIN_FORM_KEY: 1, + 'username': 'customform', + 'password': 'secret', + }) + self.failUnlessEqual(login.status_code, 200) + self.assertContains(login, 'custom form error') + def testCustomAdminSiteLoginTemplate(self): self.client.logout() request = self.client.get('/test_admin/admin2/') @@ -446,36 +459,52 @@ class AdminViewPermissionsTest(TestCase): # login POST dicts self.super_login = { - LOGIN_FORM_KEY: 1, - 'username': 'super', - 'password': 'secret'} + REDIRECT_FIELD_NAME: '/test_admin/admin/', + LOGIN_FORM_KEY: 1, + 'username': 'super', + 'password': 'secret', + } self.super_email_login = { - LOGIN_FORM_KEY: 1, - 'username': 'super@example.com', - 'password': 'secret'} + REDIRECT_FIELD_NAME: '/test_admin/admin/', + LOGIN_FORM_KEY: 1, + 'username': 'super@example.com', + 'password': 'secret', + } self.super_email_bad_login = { - LOGIN_FORM_KEY: 1, - 'username': 'super@example.com', - 'password': 'notsecret'} + REDIRECT_FIELD_NAME: '/test_admin/admin/', + LOGIN_FORM_KEY: 1, + 'username': 'super@example.com', + 'password': 'notsecret', + } self.adduser_login = { - LOGIN_FORM_KEY: 1, - 'username': 'adduser', - 'password': 'secret'} + REDIRECT_FIELD_NAME: '/test_admin/admin/', + LOGIN_FORM_KEY: 1, + 'username': 'adduser', + 'password': 'secret', + } self.changeuser_login = { - LOGIN_FORM_KEY: 1, - 'username': 'changeuser', - 'password': 'secret'} + REDIRECT_FIELD_NAME: '/test_admin/admin/', + LOGIN_FORM_KEY: 1, + 'username': 'changeuser', + 'password': 'secret', + } self.deleteuser_login = { - LOGIN_FORM_KEY: 1, - 'username': 'deleteuser', - 'password': 'secret'} + REDIRECT_FIELD_NAME: '/test_admin/admin/', + LOGIN_FORM_KEY: 1, + 'username': 'deleteuser', + 'password': 'secret', + } self.joepublic_login = { - LOGIN_FORM_KEY: 1, - 'username': 'joepublic', - 'password': 'secret'} + REDIRECT_FIELD_NAME: '/test_admin/admin/', + LOGIN_FORM_KEY: 1, + 'username': 'joepublic', + 'password': 'secret', + } self.no_username_login = { - LOGIN_FORM_KEY: 1, - 'password': 'secret'} + REDIRECT_FIELD_NAME: '/test_admin/admin/', + LOGIN_FORM_KEY: 1, + 'password': 'secret', + } def testLogin(self): """ @@ -500,12 +529,12 @@ class AdminViewPermissionsTest(TestCase): self.assertContains(login, "Your e-mail address is not your username") # only correct passwords get a username hint login = self.client.post('/test_admin/admin/', self.super_email_bad_login) - self.assertContains(login, "Usernames cannot contain the '@' character") + self.assertContains(login, "Please enter a correct username and password.") new_user = User(username='jondoe', password='secret', email='super@example.com') new_user.save() # check to ensure if there are multiple e-mail addresses a user doesn't get a 500 login = self.client.post('/test_admin/admin/', self.super_email_login) - self.assertContains(login, "Usernames cannot contain the '@' character") + self.assertContains(login, "Please enter a correct username and password.") # Add User request = self.client.get('/test_admin/admin/') @@ -536,23 +565,24 @@ class AdminViewPermissionsTest(TestCase): self.failUnlessEqual(request.status_code, 200) login = self.client.post('/test_admin/admin/', self.joepublic_login) self.failUnlessEqual(login.status_code, 200) - # Login.context is a list of context dicts we just need to check the first one. - self.assert_(login.context[0].get('error_message')) + self.assertContains(login, "Please enter a correct username and password.") # Requests without username should not return 500 errors. request = self.client.get('/test_admin/admin/') self.failUnlessEqual(request.status_code, 200) login = self.client.post('/test_admin/admin/', self.no_username_login) self.failUnlessEqual(login.status_code, 200) - # Login.context is a list of context dicts we just need to check the first one. - self.assert_(login.context[0].get('error_message')) + form = login.context[0].get('form') + self.failUnlessEqual(form.errors['username'][0], 'This field is required.') def testLoginSuccessfullyRedirectsToOriginalUrl(self): request = self.client.get('/test_admin/admin/') self.failUnlessEqual(request.status_code, 200) - query_string = "the-answer=42" - login = self.client.post('/test_admin/admin/', self.super_login, QUERY_STRING = query_string ) - self.assertRedirects(login, '/test_admin/admin/?%s' % query_string) + query_string = 'the-answer=42' + redirect_url = '/test_admin/admin/?%s' % query_string + new_next = {REDIRECT_FIELD_NAME: redirect_url} + login = self.client.post('/test_admin/admin/', dict(self.super_login, **new_next), QUERY_STRING=query_string) + self.assertRedirects(login, redirect_url) def testAddView(self): """Test add view restricts access and actually adds items.""" @@ -967,33 +997,47 @@ class SecureViewTest(TestCase): def setUp(self): # login POST dicts self.super_login = { - LOGIN_FORM_KEY: 1, - 'username': 'super', - 'password': 'secret'} + LOGIN_FORM_KEY: 1, + REDIRECT_FIELD_NAME: '/test_admin/admin/secure-view/', + 'username': 'super', + 'password': 'secret', + } self.super_email_login = { - LOGIN_FORM_KEY: 1, - 'username': 'super@example.com', - 'password': 'secret'} + LOGIN_FORM_KEY: 1, + REDIRECT_FIELD_NAME: '/test_admin/admin/secure-view/', + 'username': 'super@example.com', + 'password': 'secret', + } self.super_email_bad_login = { - LOGIN_FORM_KEY: 1, - 'username': 'super@example.com', - 'password': 'notsecret'} + LOGIN_FORM_KEY: 1, + REDIRECT_FIELD_NAME: '/test_admin/admin/secure-view/', + 'username': 'super@example.com', + 'password': 'notsecret', + } self.adduser_login = { - LOGIN_FORM_KEY: 1, - 'username': 'adduser', - 'password': 'secret'} + LOGIN_FORM_KEY: 1, + REDIRECT_FIELD_NAME: '/test_admin/admin/secure-view/', + 'username': 'adduser', + 'password': 'secret', + } self.changeuser_login = { - LOGIN_FORM_KEY: 1, - 'username': 'changeuser', - 'password': 'secret'} + LOGIN_FORM_KEY: 1, + REDIRECT_FIELD_NAME: '/test_admin/admin/secure-view/', + 'username': 'changeuser', + 'password': 'secret', + } self.deleteuser_login = { - LOGIN_FORM_KEY: 1, - 'username': 'deleteuser', - 'password': 'secret'} + LOGIN_FORM_KEY: 1, + REDIRECT_FIELD_NAME: '/test_admin/admin/secure-view/', + 'username': 'deleteuser', + 'password': 'secret', + } self.joepublic_login = { - LOGIN_FORM_KEY: 1, - 'username': 'joepublic', - 'password': 'secret'} + LOGIN_FORM_KEY: 1, + REDIRECT_FIELD_NAME: '/test_admin/admin/secure-view/', + 'username': 'joepublic', + 'password': 'secret', + } def tearDown(self): self.client.logout() @@ -1006,9 +1050,11 @@ class SecureViewTest(TestCase): def test_secure_view_login_successfully_redirects_to_original_url(self): request = self.client.get('/test_admin/admin/secure-view/') self.failUnlessEqual(request.status_code, 200) - query_string = "the-answer=42" - login = self.client.post('/test_admin/admin/secure-view/', self.super_login, QUERY_STRING = query_string ) - self.assertRedirects(login, '/test_admin/admin/secure-view/?%s' % query_string) + query_string = 'the-answer=42' + redirect_url = '/test_admin/admin/secure-view/?%s' % query_string + new_next = {REDIRECT_FIELD_NAME: redirect_url} + login = self.client.post('/test_admin/admin/secure-view/', dict(self.super_login, **new_next), QUERY_STRING=query_string) + self.assertRedirects(login, redirect_url) def test_staff_member_required_decorator_works_as_per_admin_login(self): """ @@ -1035,12 +1081,12 @@ class SecureViewTest(TestCase): self.assertContains(login, "Your e-mail address is not your username") # only correct passwords get a username hint login = self.client.post('/test_admin/admin/secure-view/', self.super_email_bad_login) - self.assertContains(login, "Usernames cannot contain the '@' character") + self.assertContains(login, "Please enter a correct username and password.") new_user = User(username='jondoe', password='secret', email='super@example.com') new_user.save() # check to ensure if there are multiple e-mail addresses a user doesn't get a 500 login = self.client.post('/test_admin/admin/secure-view/', self.super_email_login) - self.assertContains(login, "Usernames cannot contain the '@' character") + self.assertContains(login, "Please enter a correct username and password.") # Add User request = self.client.get('/test_admin/admin/secure-view/') @@ -1072,7 +1118,7 @@ class SecureViewTest(TestCase): login = self.client.post('/test_admin/admin/secure-view/', self.joepublic_login) self.failUnlessEqual(login.status_code, 200) # Login.context is a list of context dicts we just need to check the first one. - self.assert_(login.context[0].get('error_message')) + self.assertContains(login, "Please enter a correct username and password.") # 8509 - if a normal user is already logged in, it is possible # to change user into the superuser without error |
