Fixed #35530 -- Deprecated request.user fallback in auth.login and auth.alogin.

author: Jaap Roes <jroes@leukeleu.nl> 2024-11-28 14:42:59 +0100
committer: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> 2024-11-28 17:43:46 +0100
commit: ceecd518b19044181a3598c55ebed7c2545963cc (patch)
tree: 2d50bac2f6898f1c84e9c6ea0276a5d5ac3fa890 /tests/auth_tests
parent: 28b9b8d6d900feea731d0724b996959a73ff33b5 (diff)
1 files changed, 48 insertions, 1 deletions
diff --git a/tests/auth_tests/test_login.py b/tests/auth_tests/test_login.py
index 607833a095..2c0c1c5796 100644
--- a/tests/auth_tests/test_login.py
+++ b/tests/auth_tests/test_login.py
@@ -1,7 +1,8 @@
 from django.contrib import auth
-from django.contrib.auth.models import User
+from django.contrib.auth.models import AnonymousUser, User
 from django.http import HttpRequest
 from django.test import TestCase
+from django.utils.deprecation import RemovedInDjango61Warning
 
 
 class TestLogin(TestCase):
@@ -23,3 +24,49 @@ class TestLogin(TestCase):
 
         auth.login(self.request, self.user)
         self.assertEqual(self.request.session[auth.SESSION_KEY], str(self.user.pk))
+
+    # RemovedInDjango61Warning: When the deprecation ends, replace with:
+    # def test_without_user(self):
+    def test_without_user_no_request_user(self):
+        # RemovedInDjango61Warning: When the deprecation ends, replace with:
+        # with self.assertRaisesMessage(
+        #     AttributeError,
+        #     "'NoneType' object has no attribute 'get_session_auth_hash'",
+        # ):
+        #     auth.login(self.request, None)
+        with (
+            self.assertRaisesMessage(
+                AttributeError,
+                "'HttpRequest' object has no attribute 'user'",
+            ),
+            self.assertWarnsMessage(
+                RemovedInDjango61Warning,
+                "Fallback to request.user when user is None will be removed.",
+            ),
+        ):
+            auth.login(self.request, None)
+
+    # RemovedInDjango61Warning: When the deprecation ends, remove completely.
+    def test_without_user_anonymous_request(self):
+        self.request.user = AnonymousUser()
+        with (
+            self.assertRaisesMessage(
+                AttributeError,
+                "'AnonymousUser' object has no attribute '_meta'",
+            ),
+            self.assertWarnsMessage(
+                RemovedInDjango61Warning,
+                "Fallback to request.user when user is None will be removed.",
+            ),
+        ):
+            auth.login(self.request, None)
+
+    # RemovedInDjango61Warning: When the deprecation ends, remove completely.
+    def test_without_user_authenticated_request(self):
+        self.request.user = self.user
+        self.assertNotIn(auth.SESSION_KEY, self.request.session)
+
+        msg = "Fallback to request.user when user is None will be removed."
+        with self.assertWarnsMessage(RemovedInDjango61Warning, msg):
+            auth.login(self.request, None)
+        self.assertEqual(self.request.session[auth.SESSION_KEY], str(self.user.pk))
author	Jaap Roes <jroes@leukeleu.nl>	2024-11-28 14:42:59 +0100
committer	Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>	2024-11-28 17:43:46 +0100
commit	ceecd518b19044181a3598c55ebed7c2545963cc (patch)
tree	2d50bac2f6898f1c84e9c6ea0276a5d5ac3fa890 /tests/auth_tests
parent	28b9b8d6d900feea731d0724b996959a73ff33b5 (diff)