diff options
Diffstat (limited to 'tests/auth_tests')
| -rw-r--r-- | tests/auth_tests/test_auth_backends.py | 32 | ||||
| -rw-r--r-- | tests/auth_tests/test_basic.py | 4 | ||||
| -rw-r--r-- | tests/auth_tests/test_context_processors.py | 8 | ||||
| -rw-r--r-- | tests/auth_tests/test_decorators.py | 12 | ||||
| -rw-r--r-- | tests/auth_tests/test_deprecated_views.py | 4 | ||||
| -rw-r--r-- | tests/auth_tests/test_forms.py | 2 | ||||
| -rw-r--r-- | tests/auth_tests/test_handlers.py | 9 | ||||
| -rw-r--r-- | tests/auth_tests/test_hashers.py | 10 | ||||
| -rw-r--r-- | tests/auth_tests/test_mixins.py | 4 | ||||
| -rw-r--r-- | tests/auth_tests/test_models.py | 2 | ||||
| -rw-r--r-- | tests/auth_tests/test_remote_user.py | 10 | ||||
| -rw-r--r-- | tests/auth_tests/test_signals.py | 2 | ||||
| -rw-r--r-- | tests/auth_tests/test_tokens.py | 9 | ||||
| -rw-r--r-- | tests/auth_tests/test_views.py | 19 |
14 files changed, 53 insertions, 74 deletions
diff --git a/tests/auth_tests/test_auth_backends.py b/tests/auth_tests/test_auth_backends.py index ea40992a61..080270296b 100644 --- a/tests/auth_tests/test_auth_backends.py +++ b/tests/auth_tests/test_auth_backends.py @@ -295,7 +295,7 @@ class CustomPermissionsUserModelBackendTest(BaseModelBackendTest, TestCase): @override_settings(AUTH_USER_MODEL='auth_tests.CustomUser') class CustomUserModelBackendAuthenticateTest(TestCase): """ - Tests that the model backend can accept a credentials kwarg labeled with + The model backend can accept a credentials kwarg labeled with custom user model's USERNAME_FIELD. """ @@ -440,7 +440,7 @@ class AnonymousUserBackendTest(SimpleTestCase): @override_settings(AUTHENTICATION_BACKENDS=[]) class NoBackendsTest(TestCase): """ - Tests that an appropriate error is raised if no auth backends are provided. + An appropriate error is raised if no auth backends are provided. """ def setUp(self): self.user = User.objects.create_user('test', 'test@example.com', 'test') @@ -487,7 +487,7 @@ class PermissionDeniedBackend(object): class PermissionDeniedBackendTest(TestCase): """ - Tests that other backends are not checked once a backend raises PermissionDenied + Other backends are not checked once a backend raises PermissionDenied """ backend = 'auth_tests.test_auth_backends.PermissionDeniedBackend' @@ -547,27 +547,22 @@ class ChangedBackendSettingsTest(TestCase): TEST_EMAIL = 'test@example.com' def setUp(self): - User.objects.create_user(self.TEST_USERNAME, - self.TEST_EMAIL, - self.TEST_PASSWORD) + User.objects.create_user(self.TEST_USERNAME, self.TEST_EMAIL, self.TEST_PASSWORD) @override_settings(AUTHENTICATION_BACKENDS=[backend]) def test_changed_backend_settings(self): """ - Tests that removing a backend configured in AUTHENTICATION_BACKENDS - make already logged-in users disconnect. + Removing a backend configured in AUTHENTICATION_BACKENDS makes already + logged-in users disconnect. """ - # Get a session for the test user self.assertTrue(self.client.login( username=self.TEST_USERNAME, password=self.TEST_PASSWORD) ) - # Prepare a request object request = HttpRequest() request.session = self.client.session - # Remove NewModelBackend with self.settings(AUTHENTICATION_BACKENDS=[ 'django.contrib.auth.backends.ModelBackend']): @@ -591,9 +586,7 @@ class TypeErrorBackend(object): class TypeErrorBackendTest(TestCase): """ - Tests that a TypeError within a backend is propagated properly. - - Regression test for ticket #18171 + A TypeError within a backend is propagated properly (#18171). """ backend = 'auth_tests.test_auth_backends.TypeErrorBackend' @@ -608,17 +601,12 @@ class TypeErrorBackendTest(TestCase): class ImproperlyConfiguredUserModelTest(TestCase): """ - Tests that an exception from within get_user_model is propagated and doesn't - raise an UnboundLocalError. - - Regression test for ticket #21439 + An exception from within get_user_model() is propagated and doesn't + raise an UnboundLocalError (#21439). """ def setUp(self): self.user1 = User.objects.create_user('test', 'test@example.com', 'test') - self.client.login( - username='test', - password='test' - ) + self.client.login(username='test', password='test') @override_settings(AUTH_USER_MODEL='thismodel.doesntexist') def test_does_not_shadow_exception(self): diff --git a/tests/auth_tests/test_basic.py b/tests/auth_tests/test_basic.py index 0552f877e1..2e18260e4c 100644 --- a/tests/auth_tests/test_basic.py +++ b/tests/auth_tests/test_basic.py @@ -16,7 +16,7 @@ from .models import CustomUser class BasicTestCase(TestCase): def test_user(self): - "Check that users can be created and can set their password" + "Users can be created and can set their password" u = User.objects.create_user('testuser', 'test@example.com', 'testpw') self.assertTrue(u.has_usable_password()) self.assertFalse(u.check_password('bad')) @@ -77,7 +77,7 @@ class BasicTestCase(TestCase): self.assertEqual(str(warns[0].message), deprecation_message) def test_user_no_email(self): - "Check that users can be created without an email" + "Users can be created without an email" u = User.objects.create_user('testuser1') self.assertEqual(u.email, '') diff --git a/tests/auth_tests/test_context_processors.py b/tests/auth_tests/test_context_processors.py index 150703440b..d9efdc3d5b 100644 --- a/tests/auth_tests/test_context_processors.py +++ b/tests/auth_tests/test_context_processors.py @@ -41,7 +41,7 @@ class PermWrapperTests(SimpleTestCase): def test_permwrapper_in(self): """ - Test that 'something' in PermWrapper works as expected. + 'something' in PermWrapper works as expected. """ perms = PermWrapper(MockUser()) # Works for modules and full permissions. @@ -72,7 +72,7 @@ class AuthContextProcessorTests(TestCase): @override_settings(MIDDLEWARE=AUTH_MIDDLEWARE) def test_session_not_accessed(self): """ - Tests that the session is not accessed simply by including + The session is not accessed simply by including the auth context processor """ response = self.client.get('/auth_processor_no_attr_access/') @@ -87,7 +87,7 @@ class AuthContextProcessorTests(TestCase): @override_settings(MIDDLEWARE=AUTH_MIDDLEWARE) def test_session_is_accessed(self): """ - Tests that the session is accessed if the auth context processor + The session is accessed if the auth context processor is used and relevant attributes accessed. """ response = self.client.get('/auth_processor_attr_access/') @@ -130,7 +130,7 @@ class AuthContextProcessorTests(TestCase): def test_user_attrs(self): """ - Test that the lazy objects returned behave just like the wrapped objects. + The lazy objects returned behave just like the wrapped objects. """ # These are 'functional' level tests for common use cases. Direct # testing of the implementation (SimpleLazyObject) is in the 'utils' diff --git a/tests/auth_tests/test_decorators.py b/tests/auth_tests/test_decorators.py index 42632049bc..dc3482de22 100644 --- a/tests/auth_tests/test_decorators.py +++ b/tests/auth_tests/test_decorators.py @@ -17,7 +17,7 @@ class LoginRequiredTestCase(AuthViewsTestCase): def testCallable(self): """ - Check that login_required is assignable to callable objects. + login_required is assignable to callable objects. """ class CallableView(object): def __call__(self, *args, **kwargs): @@ -26,7 +26,7 @@ class LoginRequiredTestCase(AuthViewsTestCase): def testView(self): """ - Check that login_required is assignable to normal views. + login_required is assignable to normal views. """ def normal_view(request): pass @@ -34,8 +34,8 @@ class LoginRequiredTestCase(AuthViewsTestCase): def testLoginRequired(self, view_url='/login_required/', login_url=None): """ - Check that login_required works on a simple view wrapped in a - login_required decorator. + login_required works on a simple view wrapped in a login_required + decorator. """ if login_url is None: login_url = settings.LOGIN_URL @@ -48,8 +48,8 @@ class LoginRequiredTestCase(AuthViewsTestCase): def testLoginRequiredNextUrl(self): """ - Check that login_required works on a simple view wrapped in a - login_required decorator with a login_url set. + login_required works on a simple view wrapped in a login_required + decorator with a login_url set. """ self.testLoginRequired(view_url='/login_required_login_url/', login_url='/somewhere/') diff --git a/tests/auth_tests/test_deprecated_views.py b/tests/auth_tests/test_deprecated_views.py index 6034fd11de..542833686a 100644 --- a/tests/auth_tests/test_deprecated_views.py +++ b/tests/auth_tests/test_deprecated_views.py @@ -195,12 +195,12 @@ class PasswordResetTest(AuthViewsTestCase): self.assertContains(response, "The password reset link was invalid") def test_confirm_invalid_user(self): - # Ensure that we get a 200 response for a non-existent user, not a 404 + # We get a 200 response for a non-existent user, not a 404 response = self.client.get('/reset/123456/1-1/') self.assertContains(response, "The password reset link was invalid") def test_confirm_overflow_user(self): - # Ensure that we get a 200 response for a base36 user id that overflows int + # We get a 200 response for a base36 user id that overflows int response = self.client.get('/reset/zzzzzzzzzzzzz/1-1/') self.assertContains(response, "The password reset link was invalid") diff --git a/tests/auth_tests/test_forms.py b/tests/auth_tests/test_forms.py index 8d656bd6f9..cc77288f56 100644 --- a/tests/auth_tests/test_forms.py +++ b/tests/auth_tests/test_forms.py @@ -745,7 +745,7 @@ class PasswordResetFormTest(TestDataMixin, TestCase): def test_inactive_user(self): """ - Test that inactive user cannot receive password reset email. + Inactive user cannot receive password reset email. """ (user, username, email) = self.create_dummy_user() user.is_active = False diff --git a/tests/auth_tests/test_handlers.py b/tests/auth_tests/test_handlers.py index 0acf9377cb..0e2a42b80a 100644 --- a/tests/auth_tests/test_handlers.py +++ b/tests/auth_tests/test_handlers.py @@ -24,7 +24,7 @@ class ModWsgiHandlerTestCase(TransactionTestCase): def test_check_password(self): """ - Verify that check_password returns the correct values as per + check_password() returns the correct values as per https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider """ User.objects.create_user('test', 'test@example.com', 'test') @@ -45,11 +45,10 @@ class ModWsgiHandlerTestCase(TransactionTestCase): @override_settings(AUTH_USER_MODEL='auth_tests.CustomUser') def test_check_password_custom_user(self): """ - Verify that check_password returns the correct values as per + check_password() returns the correct values as per https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider - with custom user installed + with a custom user installed. """ - CustomUser._default_manager.create_user('test@example.com', '1990-01-01', 'test') # User not in database @@ -63,7 +62,7 @@ class ModWsgiHandlerTestCase(TransactionTestCase): def test_groups_for_user(self): """ - Check that groups_for_user returns correct values as per + groups_for_user() returns correct values as per https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-group-authorisation """ user1 = User.objects.create_user('test', 'test@example.com', 'test') diff --git a/tests/auth_tests/test_hashers.py b/tests/auth_tests/test_hashers.py index 69d6f555a8..69ca1a141f 100644 --- a/tests/auth_tests/test_hashers.py +++ b/tests/auth_tests/test_hashers.py @@ -161,7 +161,7 @@ class TestUtilsHashPass(SimpleTestCase): self.assertFalse(check_password('lètmeinz', encoded)) self.assertEqual(identify_hasher(encoded).algorithm, "bcrypt_sha256") - # Verify that password truncation no longer works + # password truncation no longer works password = ( 'VSK0UYV6FFQVZ0KG88DYN9WADAADZO1CTSIVDJUNZSUML6IBX7LN7ZS3R5' 'JGB3RGZ7VI7G7DJQ9NI8BQFSRPTG6UWTTVESA5ZPUN' @@ -210,7 +210,7 @@ class TestUtilsHashPass(SimpleTestCase): def setter(password): state['upgraded'] = True - # Check that no upgrade is triggered. + # No upgrade is triggered. self.assertTrue(check_password('letmein', encoded, setter, 'bcrypt')) self.assertFalse(state['upgraded']) @@ -353,7 +353,7 @@ class TestUtilsHashPass(SimpleTestCase): def setter(password): state['upgraded'] = True - # Check that no upgrade is triggered + # No upgrade is triggered self.assertTrue(check_password('letmein', encoded, setter)) self.assertFalse(state['upgraded']) @@ -401,7 +401,7 @@ class TestUtilsHashPass(SimpleTestCase): algo, iterations, salt, hash = encoded.split('$', 3) self.assertEqual(iterations, '1') - # Check that no upgrade is triggered + # No upgrade is triggered self.assertTrue(check_password('letmein', encoded, setter)) self.assertFalse(state['upgraded']) @@ -513,7 +513,7 @@ class TestUtilsHashPassArgon2(SimpleTestCase): def setter(password): state['upgraded'] = True - # Check that no upgrade is triggered. + # No upgrade is triggered. self.assertTrue(check_password('letmein', encoded, setter, 'argon2')) self.assertFalse(state['upgraded']) diff --git a/tests/auth_tests/test_mixins.py b/tests/auth_tests/test_mixins.py index 5df5ee3c4e..4f74890304 100644 --- a/tests/auth_tests/test_mixins.py +++ b/tests/auth_tests/test_mixins.py @@ -186,8 +186,8 @@ class LoginRequiredMixinTests(TestCase): def test_login_required(self): """ - Check that login_required works on a simple view wrapped in a - login_required decorator. + login_required works on a simple view wrapped in a login_required + decorator. """ class AView(LoginRequiredMixin, EmptyResponseView): pass diff --git a/tests/auth_tests/test_models.py b/tests/auth_tests/test_models.py index c939f3437c..bd64949501 100644 --- a/tests/auth_tests/test_models.py +++ b/tests/auth_tests/test_models.py @@ -189,9 +189,7 @@ class AbstractUserTestCase(TestCase): from_email="from@domain.com", **kwargs ) - # Test that one message has been sent. self.assertEqual(len(mail.outbox), 1) - # Verify that test email contains the correct attributes: message = mail.outbox[0] self.assertEqual(message.subject, "Subject here") self.assertEqual(message.body, "This is a message") diff --git a/tests/auth_tests/test_remote_user.py b/tests/auth_tests/test_remote_user.py index 2b5bf32d74..05c76ff6e3 100644 --- a/tests/auth_tests/test_remote_user.py +++ b/tests/auth_tests/test_remote_user.py @@ -77,7 +77,7 @@ class RemoteUserTest(TestCase): **{self.header: self.known_user}) self.assertEqual(response.context['user'].username, 'knownuser') self.assertEqual(User.objects.count(), num_users) - # Test that a different user passed in the headers causes the new user + # A different user passed in the headers causes the new user # to be logged in. response = self.client.get('/remote_user/', **{self.header: self.known_user2}) @@ -86,7 +86,7 @@ class RemoteUserTest(TestCase): def test_last_login(self): """ - Tests that a user's last_login is set the first time they make a + A user's last_login is set the first time they make a request but not updated in subsequent requests with the same session. """ user = User.objects.create(username='knownuser') @@ -110,7 +110,7 @@ class RemoteUserTest(TestCase): def test_header_disappears(self): """ - Tests that a logged in user is logged out automatically when + A logged in user is logged out automatically when the REMOTE_USER header disappears during the same browser session. """ User.objects.create(username='knownuser') @@ -131,7 +131,7 @@ class RemoteUserTest(TestCase): def test_user_switch_forces_new_login(self): """ - Tests that if the username in the header changes between requests + If the username in the header changes between requests that the original user is logged out """ User.objects.create(username='knownuser') @@ -142,7 +142,7 @@ class RemoteUserTest(TestCase): # During the session, the REMOTE_USER changes to a different user. response = self.client.get('/remote_user/', **{self.header: "newnewuser"}) - # Ensure that the current user is not the prior remote_user + # The current user is not the prior remote_user. # In backends that create a new user, username is "newnewuser" # In backends that do not create new users, it is '' (anonymous user) self.assertNotEqual(response.context['user'].username, 'knownuser') diff --git a/tests/auth_tests/test_signals.py b/tests/auth_tests/test_signals.py index c21daa3c1d..8fb2046e1c 100644 --- a/tests/auth_tests/test_signals.py +++ b/tests/auth_tests/test_signals.py @@ -68,7 +68,7 @@ class SignalTestCase(TestCase): self.assertEqual(self.logged_out[0].username, 'testclient') def test_update_last_login(self): - """Ensure that only `last_login` is updated in `update_last_login`""" + """Only `last_login` is updated in `update_last_login`""" user = self.u3 old_last_login = user.last_login diff --git a/tests/auth_tests/test_tokens.py b/tests/auth_tests/test_tokens.py index bddcd323d7..99f9741a0a 100644 --- a/tests/auth_tests/test_tokens.py +++ b/tests/auth_tests/test_tokens.py @@ -11,9 +11,6 @@ from django.utils.six import PY3 class TokenGeneratorTest(TestCase): def test_make_token(self): - """ - Ensure that we can make a token and that it is valid - """ user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw') p0 = PasswordResetTokenGenerator() tk1 = p0.make_token(user) @@ -21,7 +18,7 @@ class TokenGeneratorTest(TestCase): def test_10265(self): """ - Ensure that the token generated for a user created in the same request + The token generated for a user created in the same request will work correctly. """ # See ticket #10265 @@ -34,7 +31,7 @@ class TokenGeneratorTest(TestCase): def test_timeout(self): """ - Ensure we can use the token after n days, but no greater. + The token is valid after n days, but no greater. """ # Uses a mocked version of PasswordResetTokenGenerator so we can change # the value of 'today' @@ -57,7 +54,7 @@ class TokenGeneratorTest(TestCase): @unittest.skipIf(PY3, "Unnecessary test with Python 3") def test_date_length(self): """ - Make sure we don't allow overly long dates, causing a potential DoS. + Overly long dates, which are a potential DoS vector, aren't allowed. """ user = User.objects.create_user('ima1337h4x0r', 'test4@example.com', 'p4ssw0rd') p0 = PasswordResetTokenGenerator() diff --git a/tests/auth_tests/test_views.py b/tests/auth_tests/test_views.py index d1235c45d7..77d1ada13b 100644 --- a/tests/auth_tests/test_views.py +++ b/tests/auth_tests/test_views.py @@ -233,18 +233,17 @@ class PasswordResetTest(AuthViewsTestCase): self.assertContains(response, "The password reset link was invalid") def test_confirm_invalid_user(self): - # Ensure that we get a 200 response for a non-existent user, not a 404 + # A non-existent user returns a 200 response, not a 404. response = self.client.get('/reset/123456/1-1/') self.assertContains(response, "The password reset link was invalid") def test_confirm_overflow_user(self): - # Ensure that we get a 200 response for a base36 user id that overflows int + # A base36 user id that overflows int returns a 200 response. response = self.client.get('/reset/zzzzzzzzzzzzz/1-1/') self.assertContains(response, "The password reset link was invalid") def test_confirm_invalid_post(self): - # Same as test_confirm_invalid, but trying - # to do a POST instead. + # Same as test_confirm_invalid, but trying to do a POST instead. url, path = self._test_confirm_start() path = path[:-5] + ("0" * 4) + path[-1] @@ -311,14 +310,12 @@ class PasswordResetTest(AuthViewsTestCase): def test_confirm_display_user_from_form(self): url, path = self._test_confirm_start() response = self.client.get(path) - - # #16919 -- The ``password_reset_confirm`` view should pass the user - # object to the ``SetPasswordForm``, even on GET requests. - # For this test, we render ``{{ form.user }}`` in the template - # ``registration/password_reset_confirm.html`` so that we can test this. + # The password_reset_confirm() view passes the user object to the + # SetPasswordForm``, even on GET requests (#16919). For this test, + # {{ form.user }}`` is rendered in the template + # registration/password_reset_confirm.html. username = User.objects.get(email='staffmember@example.com').username self.assertContains(response, "Hello, %s." % username) - # However, the view should NOT pass any user object on a form if the # password reset link was invalid. response = self.client.get('/reset/zzzzzzzzzzzzz/1-1/') @@ -978,7 +975,7 @@ class LogoutTest(AuthViewsTestCase): self.confirm_logged_out() def test_logout_preserve_language(self): - """Check that language stored in session is preserved after logout""" + """Language stored in session is preserved after logout""" # Create a new session with language engine = import_module(settings.SESSION_ENGINE) session = engine.SessionStore() |
