| author | Bruno Alla <bruno.alla@founders4schools.org.uk> | 2017-03-07 21:00:43 +0000 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2017-05-24 08:36:34 -0400 |
| commit | 6092ea8fa62191bf9ed8ebaae3125dcde9c4bbec (patch) | |
| tree | 4da8346887b1c33e3b0a993eaf780687cdb239b0 /tests/auth_tests | |
| parent | 91b2bc3e70be2632baad86488fb03cf02848b5b6 (diff) | |
Refs #27804 -- Used subTest() in several tests.
Diffstat (limited to 'tests/auth_tests')
| -rw-r--r-- | tests/auth_tests/test_admin_multidb.py | 17 | ||||
| -rw-r--r-- | tests/auth_tests/test_hashers.py | 26 | ||||
| -rw-r--r-- | tests/auth_tests/test_models.py | 2 | ||||
| -rw-r--r-- | tests/auth_tests/test_validators.py | 16 | ||||
| -rw-r--r-- | tests/auth_tests/test_views.py | 180 |
5 files changed, 131 insertions, 110 deletions
diff --git a/tests/auth_tests/test_admin_multidb.py b/tests/auth_tests/test_admin_multidb.py
index 6b36b50a16..f86ea86dd8 100644
--- a/tests/auth_tests/test_admin_multidb.py
+++ b/tests/auth_tests/test_admin_multidb.py
@@ -42,11 +42,12 @@ class MultiDatabaseTests(TestCase):
 @mock.patch('django.contrib.auth.admin.transaction')
 def test_add_view(self, mock):
 for db in connections:
- Router.target_db = db
- self.client.force_login(self.superusers[db])
- self.client.post(reverse('test_adminsite:auth_user_add'), {
- 'username': 'some_user',
- 'password1': 'helloworld',
- 'password2': 'helloworld',
- })
- mock.atomic.assert_called_with(using=db)
+ with self.subTest(db_connection=db):
+ Router.target_db = db
+ self.client.force_login(self.superusers[db])
+ self.client.post(reverse('test_adminsite:auth_user_add'), {
+ 'username': 'some_user',
+ 'password1': 'helloworld',
+ 'password2': 'helloworld',
+ })
+ mock.atomic.assert_called_with(using=db)
diff --git a/tests/auth_tests/test_hashers.py b/tests/auth_tests/test_hashers.py
index aec7021cab..cf12fd4168 100644
--- a/tests/auth_tests/test_hashers.py
+++ b/tests/auth_tests/test_hashers.py
@@ -300,13 +300,14 @@ class TestUtilsHashPass(SimpleTestCase):
 def test_upgrade(self):
 self.assertEqual('pbkdf2_sha256', get_hasher('default').algorithm)
 for algo in ('sha1', 'md5'):
- encoded = make_password('lètmein', hasher=algo)
- state = {'upgraded': False}
+ with self.subTest(algo=algo):
+ encoded = make_password('lètmein', hasher=algo)
+ state = {'upgraded': False}
- def setter(password):
- state['upgraded'] = True
- self.assertTrue(check_password('lètmein', encoded, setter))
- self.assertTrue(state['upgraded'])
+ def setter(password):
+ state['upgraded'] = True
+ self.assertTrue(check_password('lètmein', encoded, setter))
+ self.assertTrue(state['upgraded'])
 def test_no_upgrade(self):
 encoded = make_password('lètmein')
@@ -327,13 +328,14 @@ class TestUtilsHashPass(SimpleTestCase):
 def test_no_upgrade_on_incorrect_pass(self):
 self.assertEqual('pbkdf2_sha256', get_hasher('default').algorithm)
 for algo in ('sha1', 'md5'):
- encoded = make_password('lètmein', hasher=algo)
- state = {'upgraded': False}
+ with self.subTest(algo=algo):
+ encoded = make_password('lètmein', hasher=algo)
+ state = {'upgraded': False}
- def setter():
- state['upgraded'] = True
- self.assertFalse(check_password('WRONG', encoded, setter))
- self.assertFalse(state['upgraded'])
+ def setter():
+ state['upgraded'] = True
+ self.assertFalse(check_password('WRONG', encoded, setter))
+ self.assertFalse(state['upgraded'])
 def test_pbkdf2_upgrade(self):
 hasher = get_hasher('default')
diff --git a/tests/auth_tests/test_models.py b/tests/auth_tests/test_models.py
index 142fbcc39c..e546d61c64 100644
--- a/tests/auth_tests/test_models.py
+++ b/tests/auth_tests/test_models.py
@@ -161,7 +161,7 @@ class AbstractBaseUserTests(TestCase):
 # The normalization happens in AbstractBaseUser.clean()
 ohm_username = 'iamtheΩ' # U+2126 OHM SIGN
 for model in ('auth.User', 'auth_tests.CustomUser'):
- with self.settings(AUTH_USER_MODEL=model):
+ with self.subTest(model=model), self.settings(AUTH_USER_MODEL=model):
 User = get_user_model()
 user = User(**{User.USERNAME_FIELD: ohm_username, 'password': 'foo'})
 user.clean()
diff --git a/tests/auth_tests/test_validators.py b/tests/auth_tests/test_validators.py
index e9dc1f7f3f..068dec9981 100644
--- a/tests/auth_tests/test_validators.py
+++ b/tests/auth_tests/test_validators.py
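Review bot: The `setter` re-indented in test_no_upgrade_on_incorrect_pass still takes no arguments, while its twin in test_upgrade is `def setter(password):`. Judging by test_upgrade, check_password hands the raw password to the setter, so if a hash upgrade were ever wrongly triggered on a bad password this test would stop with a TypeError instead of the `assertFalse(state['upgraded'])` failure it is written to produce. Since these lines are being touched anyway, `def setter(password):` would make that regression fail at the assertion, per algorithm, and keep the two tests parallel.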
@@ -214,17 +214,21 @@ class UsernameValidatorsTests(TestCase):
 ]
 v = validators.UnicodeUsernameValidator()
 for valid in valid_usernames:
- v(valid)
+ with self.subTest(valid=valid):
+ v(valid)
 for invalid in invalid_usernames:
- with self.assertRaises(ValidationError):
- v(invalid)
+ with self.subTest(invalid=invalid):
+ with self.assertRaises(ValidationError):
+ v(invalid)
 def test_ascii_validator(self):
 valid_usernames = ['glenn', 'GLEnN', 'jean-marc']
 invalid_usernames = ["o'connell", 'Éric', 'jean marc', "أحمد"]
 v = validators.ASCIIUsernameValidator()
 for valid in valid_usernames:
- v(valid)
+ with self.subTest(valid=valid):
+ v(valid)
 for invalid in invalid_usernames:
- with self.assertRaises(ValidationError):
- v(invalid)
+ with self.subTest(invalid=invalid):
+ with self.assertRaises(ValidationError):
+ v(invalid)
diff --git a/tests/auth_tests/test_views.py b/tests/auth_tests/test_views.py
index 40c48b7e9e..7dbf74928d 100644
--- a/tests/auth_tests/test_views.py
+++ b/tests/auth_tests/test_views.py
@@ -108,10 +108,11 @@ class AuthViewNamedURLTests(AuthViewsTestCase):
 ('password_reset_complete', [], {}),
 ]
 for name, args, kwargs in expected_named_urls:
- try:
- reverse(name, args=args, kwargs=kwargs)
- except NoReverseMatch:
- self.fail("Reversal of url named '%s' failed with NoReverseMatch" % name)
+ with self.subTest(name=name):
+ try:
+ reverse(name, args=args, kwargs=kwargs)
+ except NoReverseMatch:
+ self.fail("Reversal of url named '%s' failed with NoReverseMatch" % name)
 class PasswordResetTest(AuthViewsTestCase):
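Review bot: The two-level `with` added in the invalid-username loops of both validator tests can be a single statement, the way the test_models.py change in this same commit combines its context managers: `with self.subTest(invalid=invalid), self.assertRaises(ValidationError):`. That keeps `v(invalid)` one indent level shallower and makes the subTest usage consistent across the patch, with no change in behaviour. The first of the two tests starts above the hunk, so only its loops are visible here.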
@@ -559,48 +560,54 @@ class LoginTest(AuthViewsTestCase):
 def test_security_check(self):
 login_url = reverse('login')
- # Those URLs should not pass the security check
- for bad_url in ('http://example.com',
- 'http:///example.com',
- 'https://example.com',
- 'ftp://example.com',
- '///example.com',
- '//example.com',
- 'javascript:alert("XSS")'):
-
- nasty_url = '%(url)s?%(next)s=%(bad_url)s' % {
- 'url': login_url,
- 'next': REDIRECT_FIELD_NAME,
- 'bad_url': quote(bad_url),
- }
- response = self.client.post(nasty_url, {
- 'username': 'testclient',
- 'password': 'password',
- })
- self.assertEqual(response.status_code, 302)
- self.assertNotIn(bad_url, response.url,
- "%s should be blocked" % bad_url)
+ # These URLs should not pass the security check.
+ bad_urls = (
+ 'http://example.com',
+ 'http:///example.com',
+ 'https://example.com',
+ 'ftp://example.com',
+ '///example.com',
+ '//example.com',
+ 'javascript:alert("XSS")',
+ )
+ for bad_url in bad_urls:
+ with self.subTest(bad_url=bad_url):
+ nasty_url = '%(url)s?%(next)s=%(bad_url)s' % {
+ 'url': login_url,
+ 'next': REDIRECT_FIELD_NAME,
+ 'bad_url': quote(bad_url),
+ }
+ response = self.client.post(nasty_url, {
+ 'username': 'testclient',
+ 'password': 'password',
+ })
+ self.assertEqual(response.status_code, 302)
+ self.assertNotIn(bad_url, response.url, '%s should be blocked' % bad_url)
- # These URLs *should* still pass the security check
- for good_url in ('/view/?param=http://example.com',
- '/view/?param=https://example.com',
- '/view?param=ftp://example.com',
- 'view/?param=//example.com',
- 'https://testserver/',
- 'HTTPS://testserver/',
- '//testserver/',
- '/url%20with%20spaces/'): # see ticket #12534
- safe_url = '%(url)s?%(next)s=%(good_url)s' % {
- 'url': login_url,
- 'next': REDIRECT_FIELD_NAME,
- 'good_url': quote(good_url),
- }
- response = self.client.post(safe_url, {
- 'username': 'testclient',
- 'password': 'password',
- })
- self.assertEqual(response.status_code, 302)
- self.assertIn(good_url, response.url, "%s should be allowed" % good_url)
+ # These URLs should pass the security check.
+ good_urls = (
+ '/view/?param=http://example.com',
+ '/view/?param=https://example.com',
+ '/view?param=ftp://example.com',
+ 'view/?param=//example.com',
+ 'https://testserver/',
+ 'HTTPS://testserver/',
+ '//testserver/',
+ '/url%20with%20spaces/',
+ )
+ for good_url in good_urls:
+ with self.subTest(good_url=good_url):
+ safe_url = '%(url)s?%(next)s=%(good_url)s' % {
+ 'url': login_url,
+ 'next': REDIRECT_FIELD_NAME,
+ 'good_url': quote(good_url),
+ }
+ response = self.client.post(safe_url, {
+ 'username': 'testclient',
+ 'password': 'password',
+ })
+ self.assertEqual(response.status_code, 302)
+ self.assertIn(good_url, response.url, '%s should be allowed' % good_url)
 def test_security_check_https(self):
 login_url = reverse('login')
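Review bot: `self.assertNotIn(bad_url, response.url, ...)` in the new bad_urls loop only proves that the literal input string is absent from the redirect target, so a redirect to a normalised form of the value (for instance `///example.com` reduced to `//example.com`) would still leave the site and pass this test. A host-level check next to it, such as `self.assertNotIn('example.com', response.url)` for the example.com entries, or a comparison with the expected fallback redirect (not visible in this hunk), would pin down what the test name promises. The same loop is repeated in LogoutTest.test_security_check in the next hunk. Separately, the rewritten good_urls tuple in both tests drops the `# see ticket #12534` comment from the `'/url%20with%20spaces/'` entry; keeping it on that line preserves the reason the case exists.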
@@ -988,45 +995,52 @@ class LogoutTest(AuthViewsTestCase):
 def test_security_check(self):
 logout_url = reverse('logout')
- # Those URLs should not pass the security check
- for bad_url in ('http://example.com',
- 'http:///example.com',
- 'https://example.com',
- 'ftp://example.com',
- '///example.com',
- '//example.com',
- 'javascript:alert("XSS")'):
- nasty_url = '%(url)s?%(next)s=%(bad_url)s' % {
- 'url': logout_url,
- 'next': REDIRECT_FIELD_NAME,
- 'bad_url': quote(bad_url),
- }
- self.login()
- response = self.client.get(nasty_url)
- self.assertEqual(response.status_code, 302)
- self.assertNotIn(bad_url, response.url,
- "%s should be blocked" % bad_url)
- self.confirm_logged_out()
+ # These URLs should not pass the security check.
+ bad_urls = (
+ 'http://example.com',
+ 'http:///example.com',
+ 'https://example.com',
+ 'ftp://example.com',
+ '///example.com',
+ '//example.com',
+ 'javascript:alert("XSS")',
+ )
+ for bad_url in bad_urls:
+ with self.subTest(bad_url=bad_url):
+ nasty_url = '%(url)s?%(next)s=%(bad_url)s' % {
+ 'url': logout_url,
+ 'next': REDIRECT_FIELD_NAME,
+ 'bad_url': quote(bad_url),
+ }
+ self.login()
+ response = self.client.get(nasty_url)
+ self.assertEqual(response.status_code, 302)
+ self.assertNotIn(bad_url, response.url, '%s should be blocked' % bad_url)
+ self.confirm_logged_out()
- # These URLs *should* still pass the security check
- for good_url in ('/view/?param=http://example.com',
- '/view/?param=https://example.com',
- '/view?param=ftp://example.com',
- 'view/?param=//example.com',
- 'https://testserver/',
- 'HTTPS://testserver/',
- '//testserver/',
- '/url%20with%20spaces/'): # see ticket #12534
- safe_url = '%(url)s?%(next)s=%(good_url)s' % {
- 'url': logout_url,
- 'next': REDIRECT_FIELD_NAME,
- 'good_url': quote(good_url),
- }
- self.login()
- response = self.client.get(safe_url)
- self.assertEqual(response.status_code, 302)
- self.assertIn(good_url, response.url, "%s should be allowed" % good_url)
- self.confirm_logged_out()
+ # These URLs should pass the security check.
+ good_urls = (
+ '/view/?param=http://example.com',
+ '/view/?param=https://example.com',
+ '/view?param=ftp://example.com',
+ 'view/?param=//example.com',
+ 'https://testserver/',
+ 'HTTPS://testserver/',
+ '//testserver/',
+ '/url%20with%20spaces/',
+ )
+ for good_url in good_urls:
+ with self.subTest(good_url=good_url):
+ safe_url = '%(url)s?%(next)s=%(good_url)s' % {
+ 'url': logout_url,
+ 'next': REDIRECT_FIELD_NAME,
+ 'good_url': quote(good_url),
+ }
+ self.login()
+ response = self.client.get(safe_url)
+ self.assertEqual(response.status_code, 302)
+ self.assertIn(good_url, response.url, '%s should be allowed' % good_url)
+ self.confirm_logged_out()
 def test_security_check_https(self):
 logout_url = reverse('logout')
|
