summaryrefslogtreecommitdiff
path: root/tests/auth_tests/test_auth_backends.py
diff options
context:
space:
mode:
Diffstat (limited to 'tests/auth_tests/test_auth_backends.py')
-rw-r--r--tests/auth_tests/test_auth_backends.py505
1 files changed, 288 insertions, 217 deletions
diff --git a/tests/auth_tests/test_auth_backends.py b/tests/auth_tests/test_auth_backends.py
index d1471466d7..a535f329d2 100644
--- a/tests/auth_tests/test_auth_backends.py
+++ b/tests/auth_tests/test_auth_backends.py
@@ -3,8 +3,12 @@ from datetime import date
from unittest import mock
from django.contrib.auth import (
- BACKEND_SESSION_KEY, SESSION_KEY, _clean_credentials, authenticate,
- get_user, signals,
+ BACKEND_SESSION_KEY,
+ SESSION_KEY,
+ _clean_credentials,
+ authenticate,
+ get_user,
+ signals,
)
from django.contrib.auth.backends import BaseBackend, ModelBackend
from django.contrib.auth.hashers import MD5PasswordHasher
@@ -13,50 +17,58 @@ from django.contrib.contenttypes.models import ContentType
from django.core.exceptions import ImproperlyConfigured, PermissionDenied
from django.http import HttpRequest
from django.test import (
- RequestFactory, SimpleTestCase, TestCase, modify_settings,
+ RequestFactory,
+ SimpleTestCase,
+ TestCase,
+ modify_settings,
override_settings,
)
from django.views.debug import technical_500_response
from django.views.decorators.debug import sensitive_variables
from .models import (
- CustomPermissionsUser, CustomUser, CustomUserWithoutIsActiveField,
- ExtensionUser, UUIDUser,
+ CustomPermissionsUser,
+ CustomUser,
+ CustomUserWithoutIsActiveField,
+ ExtensionUser,
+ UUIDUser,
)
class SimpleBackend(BaseBackend):
def get_user_permissions(self, user_obj, obj=None):
- return ['user_perm']
+ return ["user_perm"]
def get_group_permissions(self, user_obj, obj=None):
- return ['group_perm']
+ return ["group_perm"]
-@override_settings(AUTHENTICATION_BACKENDS=['auth_tests.test_auth_backends.SimpleBackend'])
+@override_settings(
+ AUTHENTICATION_BACKENDS=["auth_tests.test_auth_backends.SimpleBackend"]
+)
class BaseBackendTest(TestCase):
@classmethod
def setUpTestData(cls):
- cls.user = User.objects.create_user('test', 'test@example.com', 'test')
+ cls.user = User.objects.create_user("test", "test@example.com", "test")
def test_get_user_permissions(self):
- self.assertEqual(self.user.get_user_permissions(), {'user_perm'})
+ self.assertEqual(self.user.get_user_permissions(), {"user_perm"})
def test_get_group_permissions(self):
- self.assertEqual(self.user.get_group_permissions(), {'group_perm'})
+ self.assertEqual(self.user.get_group_permissions(), {"group_perm"})
def test_get_all_permissions(self):
- self.assertEqual(self.user.get_all_permissions(), {'user_perm', 'group_perm'})
+ self.assertEqual(self.user.get_all_permissions(), {"user_perm", "group_perm"})
def test_has_perm(self):
- self.assertIs(self.user.has_perm('user_perm'), True)
- self.assertIs(self.user.has_perm('group_perm'), True)
- self.assertIs(self.user.has_perm('other_perm', TestObj()), False)
+ self.assertIs(self.user.has_perm("user_perm"), True)
+ self.assertIs(self.user.has_perm("group_perm"), True)
+ self.assertIs(self.user.has_perm("other_perm", TestObj()), False)
def test_has_perms_perm_list_invalid(self):
- msg = 'perm_list must be an iterable of permissions.'
+ msg = "perm_list must be an iterable of permissions."
with self.assertRaisesMessage(ValueError, msg):
- self.user.has_perms('user_perm')
+ self.user.has_perms("user_perm")
with self.assertRaisesMessage(ValueError, msg):
self.user.has_perms(object())
@@ -78,11 +90,12 @@ class BaseModelBackendTest:
level UserModel attribute, and a create_users() method to
construct two users for test purposes.
"""
- backend = 'django.contrib.auth.backends.ModelBackend'
+
+ backend = "django.contrib.auth.backends.ModelBackend"
def setUp(self):
self.patched_settings = modify_settings(
- AUTHENTICATION_BACKENDS={'append': self.backend},
+ AUTHENTICATION_BACKENDS={"append": self.backend},
)
self.patched_settings.enable()
self.create_users()
@@ -96,72 +109,84 @@ class BaseModelBackendTest:
def test_has_perm(self):
user = self.UserModel._default_manager.get(pk=self.user.pk)
- self.assertIs(user.has_perm('auth.test'), False)
+ self.assertIs(user.has_perm("auth.test"), False)
user.is_staff = True
user.save()
- self.assertIs(user.has_perm('auth.test'), False)
+ self.assertIs(user.has_perm("auth.test"), False)
user.is_superuser = True
user.save()
- self.assertIs(user.has_perm('auth.test'), True)
+ self.assertIs(user.has_perm("auth.test"), True)
user.is_staff = True
user.is_superuser = True
user.is_active = False
user.save()
- self.assertIs(user.has_perm('auth.test'), False)
+ self.assertIs(user.has_perm("auth.test"), False)
def test_custom_perms(self):
user = self.UserModel._default_manager.get(pk=self.user.pk)
content_type = ContentType.objects.get_for_model(Group)
- perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
+ perm = Permission.objects.create(
+ name="test", content_type=content_type, codename="test"
+ )
user.user_permissions.add(perm)
# reloading user to purge the _perm_cache
user = self.UserModel._default_manager.get(pk=self.user.pk)
- self.assertEqual(user.get_all_permissions(), {'auth.test'})
- self.assertEqual(user.get_user_permissions(), {'auth.test'})
+ self.assertEqual(user.get_all_permissions(), {"auth.test"})
+ self.assertEqual(user.get_user_permissions(), {"auth.test"})
self.assertEqual(user.get_group_permissions(), set())
- self.assertIs(user.has_module_perms('Group'), False)
- self.assertIs(user.has_module_perms('auth'), True)
+ self.assertIs(user.has_module_perms("Group"), False)
+ self.assertIs(user.has_module_perms("auth"), True)
- perm = Permission.objects.create(name='test2', content_type=content_type, codename='test2')
+ perm = Permission.objects.create(
+ name="test2", content_type=content_type, codename="test2"
+ )
user.user_permissions.add(perm)
- perm = Permission.objects.create(name='test3', content_type=content_type, codename='test3')
+ perm = Permission.objects.create(
+ name="test3", content_type=content_type, codename="test3"
+ )
user.user_permissions.add(perm)
user = self.UserModel._default_manager.get(pk=self.user.pk)
- expected_user_perms = {'auth.test2', 'auth.test', 'auth.test3'}
+ expected_user_perms = {"auth.test2", "auth.test", "auth.test3"}
self.assertEqual(user.get_all_permissions(), expected_user_perms)
- self.assertIs(user.has_perm('test'), False)
- self.assertIs(user.has_perm('auth.test'), True)
- self.assertIs(user.has_perms(['auth.test2', 'auth.test3']), True)
+ self.assertIs(user.has_perm("test"), False)
+ self.assertIs(user.has_perm("auth.test"), True)
+ self.assertIs(user.has_perms(["auth.test2", "auth.test3"]), True)
- perm = Permission.objects.create(name='test_group', content_type=content_type, codename='test_group')
- group = Group.objects.create(name='test_group')
+ perm = Permission.objects.create(
+ name="test_group", content_type=content_type, codename="test_group"
+ )
+ group = Group.objects.create(name="test_group")
group.permissions.add(perm)
user.groups.add(group)
user = self.UserModel._default_manager.get(pk=self.user.pk)
- self.assertEqual(user.get_all_permissions(), {*expected_user_perms, 'auth.test_group'})
+ self.assertEqual(
+ user.get_all_permissions(), {*expected_user_perms, "auth.test_group"}
+ )
self.assertEqual(user.get_user_permissions(), expected_user_perms)
- self.assertEqual(user.get_group_permissions(), {'auth.test_group'})
- self.assertIs(user.has_perms(['auth.test3', 'auth.test_group']), True)
+ self.assertEqual(user.get_group_permissions(), {"auth.test_group"})
+ self.assertIs(user.has_perms(["auth.test3", "auth.test_group"]), True)
user = AnonymousUser()
- self.assertIs(user.has_perm('test'), False)
- self.assertIs(user.has_perms(['auth.test2', 'auth.test3']), False)
+ self.assertIs(user.has_perm("test"), False)
+ self.assertIs(user.has_perms(["auth.test2", "auth.test3"]), False)
def test_has_no_object_perm(self):
"""Regressiontest for #12462"""
user = self.UserModel._default_manager.get(pk=self.user.pk)
content_type = ContentType.objects.get_for_model(Group)
- perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
+ perm = Permission.objects.create(
+ name="test", content_type=content_type, codename="test"
+ )
user.user_permissions.add(perm)
- self.assertIs(user.has_perm('auth.test', 'object'), False)
- self.assertEqual(user.get_all_permissions('object'), set())
- self.assertIs(user.has_perm('auth.test'), True)
- self.assertEqual(user.get_all_permissions(), {'auth.test'})
+ self.assertIs(user.has_perm("auth.test", "object"), False)
+ self.assertEqual(user.get_all_permissions("object"), set())
+ self.assertIs(user.has_perm("auth.test"), True)
+ self.assertEqual(user.get_all_permissions(), {"auth.test"})
def test_anonymous_has_no_permissions(self):
"""
@@ -172,19 +197,25 @@ class BaseModelBackendTest:
user = self.UserModel._default_manager.get(pk=self.user.pk)
content_type = ContentType.objects.get_for_model(Group)
- user_perm = Permission.objects.create(name='test', content_type=content_type, codename='test_user')
- group_perm = Permission.objects.create(name='test2', content_type=content_type, codename='test_group')
+ user_perm = Permission.objects.create(
+ name="test", content_type=content_type, codename="test_user"
+ )
+ group_perm = Permission.objects.create(
+ name="test2", content_type=content_type, codename="test_group"
+ )
user.user_permissions.add(user_perm)
- group = Group.objects.create(name='test_group')
+ group = Group.objects.create(name="test_group")
user.groups.add(group)
group.permissions.add(group_perm)
- self.assertEqual(backend.get_all_permissions(user), {'auth.test_user', 'auth.test_group'})
- self.assertEqual(backend.get_user_permissions(user), {'auth.test_user'})
- self.assertEqual(backend.get_group_permissions(user), {'auth.test_group'})
+ self.assertEqual(
+ backend.get_all_permissions(user), {"auth.test_user", "auth.test_group"}
+ )
+ self.assertEqual(backend.get_user_permissions(user), {"auth.test_user"})
+ self.assertEqual(backend.get_group_permissions(user), {"auth.test_group"})
- with mock.patch.object(self.UserModel, 'is_anonymous', True):
+ with mock.patch.object(self.UserModel, "is_anonymous", True):
self.assertEqual(backend.get_all_permissions(user), set())
self.assertEqual(backend.get_user_permissions(user), set())
self.assertEqual(backend.get_group_permissions(user), set())
@@ -198,17 +229,23 @@ class BaseModelBackendTest:
user = self.UserModel._default_manager.get(pk=self.user.pk)
content_type = ContentType.objects.get_for_model(Group)
- user_perm = Permission.objects.create(name='test', content_type=content_type, codename='test_user')
- group_perm = Permission.objects.create(name='test2', content_type=content_type, codename='test_group')
+ user_perm = Permission.objects.create(
+ name="test", content_type=content_type, codename="test_user"
+ )
+ group_perm = Permission.objects.create(
+ name="test2", content_type=content_type, codename="test_group"
+ )
user.user_permissions.add(user_perm)
- group = Group.objects.create(name='test_group')
+ group = Group.objects.create(name="test_group")
user.groups.add(group)
group.permissions.add(group_perm)
- self.assertEqual(backend.get_all_permissions(user), {'auth.test_user', 'auth.test_group'})
- self.assertEqual(backend.get_user_permissions(user), {'auth.test_user'})
- self.assertEqual(backend.get_group_permissions(user), {'auth.test_group'})
+ self.assertEqual(
+ backend.get_all_permissions(user), {"auth.test_user", "auth.test_group"}
+ )
+ self.assertEqual(backend.get_user_permissions(user), {"auth.test_user"})
+ self.assertEqual(backend.get_group_permissions(user), {"auth.test_group"})
user.is_active = False
user.save()
@@ -222,29 +259,33 @@ class BaseModelBackendTest:
user = self.UserModel._default_manager.get(pk=self.superuser.pk)
self.assertEqual(len(user.get_all_permissions()), len(Permission.objects.all()))
- @override_settings(PASSWORD_HASHERS=['auth_tests.test_auth_backends.CountingMD5PasswordHasher'])
+ @override_settings(
+ PASSWORD_HASHERS=["auth_tests.test_auth_backends.CountingMD5PasswordHasher"]
+ )
def test_authentication_timing(self):
"""Hasher is run once regardless of whether the user exists. Refs #20760."""
# Re-set the password, because this tests overrides PASSWORD_HASHERS
- self.user.set_password('test')
+ self.user.set_password("test")
self.user.save()
CountingMD5PasswordHasher.calls = 0
username = getattr(self.user, self.UserModel.USERNAME_FIELD)
- authenticate(username=username, password='test')
+ authenticate(username=username, password="test")
self.assertEqual(CountingMD5PasswordHasher.calls, 1)
CountingMD5PasswordHasher.calls = 0
- authenticate(username='no_such_user', password='test')
+ authenticate(username="no_such_user", password="test")
self.assertEqual(CountingMD5PasswordHasher.calls, 1)
- @override_settings(PASSWORD_HASHERS=['auth_tests.test_auth_backends.CountingMD5PasswordHasher'])
+ @override_settings(
+ PASSWORD_HASHERS=["auth_tests.test_auth_backends.CountingMD5PasswordHasher"]
+ )
def test_authentication_without_credentials(self):
CountingMD5PasswordHasher.calls = 0
for credentials in (
{},
- {'username': getattr(self.user, self.UserModel.USERNAME_FIELD)},
- {'password': 'test'},
+ {"username": getattr(self.user, self.UserModel.USERNAME_FIELD)},
+ {"password": "test"},
):
with self.subTest(credentials=credentials):
with self.assertNumQueries(0):
@@ -256,15 +297,18 @@ class ModelBackendTest(BaseModelBackendTest, TestCase):
"""
Tests for the ModelBackend using the default User model.
"""
+
UserModel = User
- user_credentials = {'username': 'test', 'password': 'test'}
+ user_credentials = {"username": "test", "password": "test"}
def create_users(self):
- self.user = User.objects.create_user(email='test@example.com', **self.user_credentials)
+ self.user = User.objects.create_user(
+ email="test@example.com", **self.user_credentials
+ )
self.superuser = User.objects.create_superuser(
- username='test2',
- email='test2@example.com',
- password='test',
+ username="test2",
+ email="test2@example.com",
+ password="test",
)
def test_authenticate_inactive(self):
@@ -276,18 +320,20 @@ class ModelBackendTest(BaseModelBackendTest, TestCase):
self.user.save()
self.assertIsNone(authenticate(**self.user_credentials))
- @override_settings(AUTH_USER_MODEL='auth_tests.CustomUserWithoutIsActiveField')
+ @override_settings(AUTH_USER_MODEL="auth_tests.CustomUserWithoutIsActiveField")
def test_authenticate_user_without_is_active_field(self):
"""
A custom user without an `is_active` field is allowed to authenticate.
"""
user = CustomUserWithoutIsActiveField.objects._create_user(
- username='test', email='test@example.com', password='test',
+ username="test",
+ email="test@example.com",
+ password="test",
)
- self.assertEqual(authenticate(username='test', password='test'), user)
+ self.assertEqual(authenticate(username="test", password="test"), user)
-@override_settings(AUTH_USER_MODEL='auth_tests.ExtensionUser')
+@override_settings(AUTH_USER_MODEL="auth_tests.ExtensionUser")
class ExtensionUserModelBackendTest(BaseModelBackendTest, TestCase):
"""
Tests for the ModelBackend using the custom ExtensionUser model.
@@ -309,20 +355,20 @@ class ExtensionUserModelBackendTest(BaseModelBackendTest, TestCase):
def create_users(self):
self.user = ExtensionUser._default_manager.create_user(
- username='test',
- email='test@example.com',
- password='test',
- date_of_birth=date(2006, 4, 25)
+ username="test",
+ email="test@example.com",
+ password="test",
+ date_of_birth=date(2006, 4, 25),
)
self.superuser = ExtensionUser._default_manager.create_superuser(
- username='test2',
- email='test2@example.com',
- password='test',
- date_of_birth=date(1976, 11, 8)
+ username="test2",
+ email="test2@example.com",
+ password="test",
+ date_of_birth=date(1976, 11, 8),
)
-@override_settings(AUTH_USER_MODEL='auth_tests.CustomPermissionsUser')
+@override_settings(AUTH_USER_MODEL="auth_tests.CustomPermissionsUser")
class CustomPermissionsUserModelBackendTest(BaseModelBackendTest, TestCase):
"""
Tests for the ModelBackend using the CustomPermissionsUser model.
@@ -336,18 +382,14 @@ class CustomPermissionsUserModelBackendTest(BaseModelBackendTest, TestCase):
def create_users(self):
self.user = CustomPermissionsUser._default_manager.create_user(
- email='test@example.com',
- password='test',
- date_of_birth=date(2006, 4, 25)
+ email="test@example.com", password="test", date_of_birth=date(2006, 4, 25)
)
self.superuser = CustomPermissionsUser._default_manager.create_superuser(
- email='test2@example.com',
- password='test',
- date_of_birth=date(1976, 11, 8)
+ email="test2@example.com", password="test", date_of_birth=date(1976, 11, 8)
)
-@override_settings(AUTH_USER_MODEL='auth_tests.CustomUser')
+@override_settings(AUTH_USER_MODEL="auth_tests.CustomUser")
class CustomUserModelBackendAuthenticateTest(TestCase):
"""
The model backend can accept a credentials kwarg labeled with
@@ -356,24 +398,23 @@ class CustomUserModelBackendAuthenticateTest(TestCase):
def test_authenticate(self):
test_user = CustomUser._default_manager.create_user(
- email='test@example.com',
- password='test',
- date_of_birth=date(2006, 4, 25)
+ email="test@example.com", password="test", date_of_birth=date(2006, 4, 25)
)
- authenticated_user = authenticate(email='test@example.com', password='test')
+ authenticated_user = authenticate(email="test@example.com", password="test")
self.assertEqual(test_user, authenticated_user)
-@override_settings(AUTH_USER_MODEL='auth_tests.UUIDUser')
+@override_settings(AUTH_USER_MODEL="auth_tests.UUIDUser")
class UUIDUserTests(TestCase):
-
def test_login(self):
"""
A custom user with a UUID primary key should be able to login.
"""
- user = UUIDUser.objects.create_user(username='uuid', password='test')
- self.assertTrue(self.client.login(username='uuid', password='test'))
- self.assertEqual(UUIDUser.objects.get(pk=self.client.session[SESSION_KEY]), user)
+ user = UUIDUser.objects.create_user(username="uuid", password="test")
+ self.assertTrue(self.client.login(username="uuid", password="test"))
+ self.assertEqual(
+ UUIDUser.objects.get(pk=self.client.session[SESSION_KEY]), user
+ )
class TestObj:
@@ -386,47 +427,49 @@ class SimpleRowlevelBackend:
return # We only support row level perms
if isinstance(obj, TestObj):
- if user.username == 'test2':
+ if user.username == "test2":
return True
- elif user.is_anonymous and perm == 'anon':
+ elif user.is_anonymous and perm == "anon":
return True
- elif not user.is_active and perm == 'inactive':
+ elif not user.is_active and perm == "inactive":
return True
return False
def has_module_perms(self, user, app_label):
- return (user.is_anonymous or user.is_active) and app_label == 'app1'
+ return (user.is_anonymous or user.is_active) and app_label == "app1"
def get_all_permissions(self, user, obj=None):
if not obj:
return [] # We only support row level perms
if not isinstance(obj, TestObj):
- return ['none']
+ return ["none"]
if user.is_anonymous:
- return ['anon']
- if user.username == 'test2':
- return ['simple', 'advanced']
+ return ["anon"]
+ if user.username == "test2":
+ return ["simple", "advanced"]
else:
- return ['simple']
+ return ["simple"]
def get_group_permissions(self, user, obj=None):
if not obj:
return # We only support row level perms
if not isinstance(obj, TestObj):
- return ['none']
+ return ["none"]
- if 'test_group' in [group.name for group in user.groups.all()]:
- return ['group_perm']
+ if "test_group" in [group.name for group in user.groups.all()]:
+ return ["group_perm"]
else:
- return ['none']
+ return ["none"]
-@modify_settings(AUTHENTICATION_BACKENDS={
- 'append': 'auth_tests.test_auth_backends.SimpleRowlevelBackend',
-})
+@modify_settings(
+ AUTHENTICATION_BACKENDS={
+ "append": "auth_tests.test_auth_backends.SimpleRowlevelBackend",
+ }
+)
class RowlevelBackendTest(TestCase):
"""
Tests for auth backend that supports object level permissions
@@ -434,9 +477,9 @@ class RowlevelBackendTest(TestCase):
@classmethod
def setUpTestData(cls):
- cls.user1 = User.objects.create_user('test', 'test@example.com', 'test')
- cls.user2 = User.objects.create_user('test2', 'test2@example.com', 'test')
- cls.user3 = User.objects.create_user('test3', 'test3@example.com', 'test')
+ cls.user1 = User.objects.create_user("test", "test@example.com", "test")
+ cls.user2 = User.objects.create_user("test2", "test2@example.com", "test")
+ cls.user3 = User.objects.create_user("test3", "test3@example.com", "test")
def tearDown(self):
# The get_group_permissions test messes with ContentTypes, which will
@@ -445,27 +488,29 @@ class RowlevelBackendTest(TestCase):
ContentType.objects.clear_cache()
def test_has_perm(self):
- self.assertIs(self.user1.has_perm('perm', TestObj()), False)
- self.assertIs(self.user2.has_perm('perm', TestObj()), True)
- self.assertIs(self.user2.has_perm('perm'), False)
- self.assertIs(self.user2.has_perms(['simple', 'advanced'], TestObj()), True)
- self.assertIs(self.user3.has_perm('perm', TestObj()), False)
- self.assertIs(self.user3.has_perm('anon', TestObj()), False)
- self.assertIs(self.user3.has_perms(['simple', 'advanced'], TestObj()), False)
+ self.assertIs(self.user1.has_perm("perm", TestObj()), False)
+ self.assertIs(self.user2.has_perm("perm", TestObj()), True)
+ self.assertIs(self.user2.has_perm("perm"), False)
+ self.assertIs(self.user2.has_perms(["simple", "advanced"], TestObj()), True)
+ self.assertIs(self.user3.has_perm("perm", TestObj()), False)
+ self.assertIs(self.user3.has_perm("anon", TestObj()), False)
+ self.assertIs(self.user3.has_perms(["simple", "advanced"], TestObj()), False)
def test_get_all_permissions(self):
- self.assertEqual(self.user1.get_all_permissions(TestObj()), {'simple'})
- self.assertEqual(self.user2.get_all_permissions(TestObj()), {'simple', 'advanced'})
+ self.assertEqual(self.user1.get_all_permissions(TestObj()), {"simple"})
+ self.assertEqual(
+ self.user2.get_all_permissions(TestObj()), {"simple", "advanced"}
+ )
self.assertEqual(self.user2.get_all_permissions(), set())
def test_get_group_permissions(self):
- group = Group.objects.create(name='test_group')
+ group = Group.objects.create(name="test_group")
self.user3.groups.add(group)
- self.assertEqual(self.user3.get_group_permissions(TestObj()), {'group_perm'})
+ self.assertEqual(self.user3.get_group_permissions(TestObj()), {"group_perm"})
@override_settings(
- AUTHENTICATION_BACKENDS=['auth_tests.test_auth_backends.SimpleRowlevelBackend'],
+ AUTHENTICATION_BACKENDS=["auth_tests.test_auth_backends.SimpleRowlevelBackend"],
)
class AnonymousUserBackendTest(SimpleTestCase):
"""
@@ -476,17 +521,17 @@ class AnonymousUserBackendTest(SimpleTestCase):
self.user1 = AnonymousUser()
def test_has_perm(self):
- self.assertIs(self.user1.has_perm('perm', TestObj()), False)
- self.assertIs(self.user1.has_perm('anon', TestObj()), True)
+ self.assertIs(self.user1.has_perm("perm", TestObj()), False)
+ self.assertIs(self.user1.has_perm("anon", TestObj()), True)
def test_has_perms(self):
- self.assertIs(self.user1.has_perms(['anon'], TestObj()), True)
- self.assertIs(self.user1.has_perms(['anon', 'perm'], TestObj()), False)
+ self.assertIs(self.user1.has_perms(["anon"], TestObj()), True)
+ self.assertIs(self.user1.has_perms(["anon", "perm"], TestObj()), False)
def test_has_perms_perm_list_invalid(self):
- msg = 'perm_list must be an iterable of permissions.'
+ msg = "perm_list must be an iterable of permissions."
with self.assertRaisesMessage(ValueError, msg):
- self.user1.has_perms('perm')
+ self.user1.has_perms("perm")
with self.assertRaisesMessage(ValueError, msg):
self.user1.has_perms(object())
@@ -495,7 +540,7 @@ class AnonymousUserBackendTest(SimpleTestCase):
self.assertIs(self.user1.has_module_perms("app2"), False)
def test_get_all_permissions(self):
- self.assertEqual(self.user1.get_all_permissions(TestObj()), {'anon'})
+ self.assertEqual(self.user1.get_all_permissions(TestObj()), {"anon"})
@override_settings(AUTHENTICATION_BACKENDS=[])
@@ -503,20 +548,23 @@ class NoBackendsTest(TestCase):
"""
An appropriate error is raised if no auth backends are provided.
"""
+
@classmethod
def setUpTestData(cls):
- cls.user = User.objects.create_user('test', 'test@example.com', 'test')
+ cls.user = User.objects.create_user("test", "test@example.com", "test")
def test_raises_exception(self):
msg = (
- 'No authentication backends have been defined. '
- 'Does AUTHENTICATION_BACKENDS contain anything?'
+ "No authentication backends have been defined. "
+ "Does AUTHENTICATION_BACKENDS contain anything?"
)
with self.assertRaisesMessage(ImproperlyConfigured, msg):
- self.user.has_perm(('perm', TestObj()))
+ self.user.has_perm(("perm", TestObj()))
-@override_settings(AUTHENTICATION_BACKENDS=['auth_tests.test_auth_backends.SimpleRowlevelBackend'])
+@override_settings(
+ AUTHENTICATION_BACKENDS=["auth_tests.test_auth_backends.SimpleRowlevelBackend"]
+)
class InActiveUserBackendTest(TestCase):
"""
Tests for an inactive user
@@ -524,13 +572,13 @@ class InActiveUserBackendTest(TestCase):
@classmethod
def setUpTestData(cls):
- cls.user1 = User.objects.create_user('test', 'test@example.com', 'test')
+ cls.user1 = User.objects.create_user("test", "test@example.com", "test")
cls.user1.is_active = False
cls.user1.save()
def test_has_perm(self):
- self.assertIs(self.user1.has_perm('perm', TestObj()), False)
- self.assertIs(self.user1.has_perm('inactive', TestObj()), True)
+ self.assertIs(self.user1.has_perm("perm", TestObj()), False)
+ self.assertIs(self.user1.has_perm("inactive", TestObj()), True)
def test_has_module_perms(self):
self.assertIs(self.user1.has_module_perms("app1"), False)
@@ -556,11 +604,12 @@ class PermissionDeniedBackendTest(TestCase):
"""
Other backends are not checked once a backend raises PermissionDenied
"""
- backend = 'auth_tests.test_auth_backends.PermissionDeniedBackend'
+
+ backend = "auth_tests.test_auth_backends.PermissionDeniedBackend"
@classmethod
def setUpTestData(cls):
- cls.user1 = User.objects.create_user('test', 'test@example.com', 'test')
+ cls.user1 = User.objects.create_user("test", "test@example.com", "test")
def setUp(self):
self.user_login_failed = []
@@ -572,34 +621,41 @@ class PermissionDeniedBackendTest(TestCase):
def user_login_failed_listener(self, sender, credentials, **kwargs):
self.user_login_failed.append(credentials)
- @modify_settings(AUTHENTICATION_BACKENDS={'prepend': backend})
+ @modify_settings(AUTHENTICATION_BACKENDS={"prepend": backend})
def test_permission_denied(self):
"user is not authenticated after a backend raises permission denied #2550"
- self.assertIsNone(authenticate(username='test', password='test'))
+ self.assertIsNone(authenticate(username="test", password="test"))
# user_login_failed signal is sent.
- self.assertEqual(self.user_login_failed, [{'password': '********************', 'username': 'test'}])
+ self.assertEqual(
+ self.user_login_failed,
+ [{"password": "********************", "username": "test"}],
+ )
- @modify_settings(AUTHENTICATION_BACKENDS={'append': backend})
+ @modify_settings(AUTHENTICATION_BACKENDS={"append": backend})
def test_authenticates(self):
- self.assertEqual(authenticate(username='test', password='test'), self.user1)
+ self.assertEqual(authenticate(username="test", password="test"), self.user1)
- @modify_settings(AUTHENTICATION_BACKENDS={'prepend': backend})
+ @modify_settings(AUTHENTICATION_BACKENDS={"prepend": backend})
def test_has_perm_denied(self):
content_type = ContentType.objects.get_for_model(Group)
- perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
+ perm = Permission.objects.create(
+ name="test", content_type=content_type, codename="test"
+ )
self.user1.user_permissions.add(perm)
- self.assertIs(self.user1.has_perm('auth.test'), False)
- self.assertIs(self.user1.has_module_perms('auth'), False)
+ self.assertIs(self.user1.has_perm("auth.test"), False)
+ self.assertIs(self.user1.has_module_perms("auth"), False)
- @modify_settings(AUTHENTICATION_BACKENDS={'append': backend})
+ @modify_settings(AUTHENTICATION_BACKENDS={"append": backend})
def test_has_perm(self):
content_type = ContentType.objects.get_for_model(Group)
- perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
+ perm = Permission.objects.create(
+ name="test", content_type=content_type, codename="test"
+ )
self.user1.user_permissions.add(perm)
- self.assertIs(self.user1.has_perm('auth.test'), True)
- self.assertIs(self.user1.has_module_perms('auth'), True)
+ self.assertIs(self.user1.has_perm("auth.test"), True)
+ self.assertIs(self.user1.has_module_perms("auth"), True)
class NewModelBackend(ModelBackend):
@@ -610,11 +666,12 @@ class ChangedBackendSettingsTest(TestCase):
"""
Tests for changes in the settings.AUTHENTICATION_BACKENDS
"""
- backend = 'auth_tests.test_auth_backends.NewModelBackend'
- TEST_USERNAME = 'test_user'
- TEST_PASSWORD = 'test_password'
- TEST_EMAIL = 'test@example.com'
+ backend = "auth_tests.test_auth_backends.NewModelBackend"
+
+ TEST_USERNAME = "test_user"
+ TEST_PASSWORD = "test_password"
+ TEST_EMAIL = "test@example.com"
@classmethod
def setUpTestData(cls):
@@ -627,16 +684,19 @@ class ChangedBackendSettingsTest(TestCase):
logged-in users disconnect.
"""
# Get a session for the test user
- self.assertTrue(self.client.login(
- username=self.TEST_USERNAME,
- password=self.TEST_PASSWORD,
- ))
+ self.assertTrue(
+ self.client.login(
+ username=self.TEST_USERNAME,
+ password=self.TEST_PASSWORD,
+ )
+ )
# Prepare a request object
request = HttpRequest()
request.session = self.client.session
# Remove NewModelBackend
- with self.settings(AUTHENTICATION_BACKENDS=[
- 'django.contrib.auth.backends.ModelBackend']):
+ with self.settings(
+ AUTHENTICATION_BACKENDS=["django.contrib.auth.backends.ModelBackend"]
+ ):
# Get the user from the request
user = get_user(request)
@@ -651,7 +711,7 @@ class TypeErrorBackend:
Always raises TypeError.
"""
- @sensitive_variables('password')
+ @sensitive_variables("password")
def authenticate(self, request, username=None, password=None):
raise TypeError
@@ -671,31 +731,35 @@ class SkippedBackendWithDecoratedMethod:
class AuthenticateTests(TestCase):
@classmethod
def setUpTestData(cls):
- cls.user1 = User.objects.create_user('test', 'test@example.com', 'test')
+ cls.user1 = User.objects.create_user("test", "test@example.com", "test")
def setUp(self):
- self.sensitive_password = 'mypassword'
+ self.sensitive_password = "mypassword"
- @override_settings(AUTHENTICATION_BACKENDS=['auth_tests.test_auth_backends.TypeErrorBackend'])
+ @override_settings(
+ AUTHENTICATION_BACKENDS=["auth_tests.test_auth_backends.TypeErrorBackend"]
+ )
def test_type_error_raised(self):
"""A TypeError within a backend is propagated properly (#18171)."""
with self.assertRaises(TypeError):
- authenticate(username='test', password='test')
+ authenticate(username="test", password="test")
- @override_settings(AUTHENTICATION_BACKENDS=['auth_tests.test_auth_backends.TypeErrorBackend'])
+ @override_settings(
+ AUTHENTICATION_BACKENDS=["auth_tests.test_auth_backends.TypeErrorBackend"]
+ )
def test_authenticate_sensitive_variables(self):
try:
- authenticate(username='testusername', password=self.sensitive_password)
+ authenticate(username="testusername", password=self.sensitive_password)
except TypeError:
exc_info = sys.exc_info()
rf = RequestFactory()
- response = technical_500_response(rf.get('/'), *exc_info)
+ response = technical_500_response(rf.get("/"), *exc_info)
self.assertNotContains(response, self.sensitive_password, status_code=500)
- self.assertContains(response, 'TypeErrorBackend', status_code=500)
+ self.assertContains(response, "TypeErrorBackend", status_code=500)
self.assertContains(
response,
'<tr><td>credentials</td><td class="code">'
- '<pre>&#39;********************&#39;</pre></td></tr>',
+ "<pre>&#39;********************&#39;</pre></td></tr>",
html=True,
status_code=500,
)
@@ -707,33 +771,37 @@ class AuthenticateTests(TestCase):
except TypeError:
exc_info = sys.exc_info()
rf = RequestFactory()
- response = technical_500_response(rf.get('/'), *exc_info)
+ response = technical_500_response(rf.get("/"), *exc_info)
self.assertNotContains(response, self.sensitive_password, status_code=500)
self.assertContains(
response,
'<tr><td>credentials</td><td class="code">'
- '<pre>&#39;********************&#39;</pre></td></tr>',
+ "<pre>&#39;********************&#39;</pre></td></tr>",
html=True,
status_code=500,
)
- @override_settings(AUTHENTICATION_BACKENDS=(
- 'auth_tests.test_auth_backends.SkippedBackend',
- 'django.contrib.auth.backends.ModelBackend',
- ))
+ @override_settings(
+ AUTHENTICATION_BACKENDS=(
+ "auth_tests.test_auth_backends.SkippedBackend",
+ "django.contrib.auth.backends.ModelBackend",
+ )
+ )
def test_skips_backends_without_arguments(self):
"""
A backend (SkippedBackend) is ignored if it doesn't accept the
credentials as arguments.
"""
- self.assertEqual(authenticate(username='test', password='test'), self.user1)
+ self.assertEqual(authenticate(username="test", password="test"), self.user1)
- @override_settings(AUTHENTICATION_BACKENDS=(
- 'auth_tests.test_auth_backends.SkippedBackendWithDecoratedMethod',
- 'django.contrib.auth.backends.ModelBackend',
- ))
+ @override_settings(
+ AUTHENTICATION_BACKENDS=(
+ "auth_tests.test_auth_backends.SkippedBackendWithDecoratedMethod",
+ "django.contrib.auth.backends.ModelBackend",
+ )
+ )
def test_skips_backends_with_decorated_method(self):
- self.assertEqual(authenticate(username='test', password='test'), self.user1)
+ self.assertEqual(authenticate(username="test", password="test"), self.user1)
class ImproperlyConfiguredUserModelTest(TestCase):
@@ -741,14 +809,15 @@ class ImproperlyConfiguredUserModelTest(TestCase):
An exception from within get_user_model() is propagated and doesn't
raise an UnboundLocalError (#21439).
"""
+
@classmethod
def setUpTestData(cls):
- cls.user1 = User.objects.create_user('test', 'test@example.com', 'test')
+ cls.user1 = User.objects.create_user("test", "test@example.com", "test")
def setUp(self):
- self.client.login(username='test', password='test')
+ self.client.login(username="test", password="test")
- @override_settings(AUTH_USER_MODEL='thismodel.doesntexist')
+ @override_settings(AUTH_USER_MODEL="thismodel.doesntexist")
def test_does_not_shadow_exception(self):
# Prepare a request object
request = HttpRequest()
@@ -780,13 +849,13 @@ class ImportedBackendTests(TestCase):
as the one defined in AUTHENTICATION_BACKENDS setting.
"""
- backend = 'auth_tests.backend_alias.ImportedModelBackend'
+ backend = "auth_tests.backend_alias.ImportedModelBackend"
@override_settings(AUTHENTICATION_BACKENDS=[backend])
def test_backend_path(self):
- username = 'username'
- password = 'password'
- User.objects.create_user(username, 'email', password)
+ username = "username"
+ password = "password"
+ User.objects.create_user(username, "email", password)
self.assertTrue(self.client.login(username=username, password=password))
request = HttpRequest()
request.session = self.client.session
@@ -794,10 +863,10 @@ class ImportedBackendTests(TestCase):
class SelectingBackendTests(TestCase):
- backend = 'auth_tests.test_auth_backends.CustomModelBackend'
- other_backend = 'auth_tests.test_auth_backends.OtherModelBackend'
- username = 'username'
- password = 'password'
+ backend = "auth_tests.test_auth_backends.CustomModelBackend"
+ other_backend = "auth_tests.test_auth_backends.OtherModelBackend"
+ username = "username"
+ password = "password"
def assertBackendInSession(self, backend):
request = HttpRequest()
@@ -806,49 +875,51 @@ class SelectingBackendTests(TestCase):
@override_settings(AUTHENTICATION_BACKENDS=[backend])
def test_backend_path_login_without_authenticate_single_backend(self):
- user = User.objects.create_user(self.username, 'email', self.password)
+ user = User.objects.create_user(self.username, "email", self.password)
self.client._login(user)
self.assertBackendInSession(self.backend)
@override_settings(AUTHENTICATION_BACKENDS=[backend, other_backend])
def test_backend_path_login_without_authenticate_multiple_backends(self):
- user = User.objects.create_user(self.username, 'email', self.password)
+ user = User.objects.create_user(self.username, "email", self.password)
expected_message = (
- 'You have multiple authentication backends configured and '
- 'therefore must provide the `backend` argument or set the '
- '`backend` attribute on the user.'
+ "You have multiple authentication backends configured and "
+ "therefore must provide the `backend` argument or set the "
+ "`backend` attribute on the user."
)
with self.assertRaisesMessage(ValueError, expected_message):
self.client._login(user)
def test_non_string_backend(self):
- user = User.objects.create_user(self.username, 'email', self.password)
+ user = User.objects.create_user(self.username, "email", self.password)
expected_message = (
- 'backend must be a dotted import path string (got '
- '<class \'django.contrib.auth.backends.ModelBackend\'>).'
+ "backend must be a dotted import path string (got "
+ "<class 'django.contrib.auth.backends.ModelBackend'>)."
)
with self.assertRaisesMessage(TypeError, expected_message):
self.client._login(user, backend=ModelBackend)
@override_settings(AUTHENTICATION_BACKENDS=[backend, other_backend])
def test_backend_path_login_with_explicit_backends(self):
- user = User.objects.create_user(self.username, 'email', self.password)
+ user = User.objects.create_user(self.username, "email", self.password)
self.client._login(user, self.other_backend)
self.assertBackendInSession(self.other_backend)
-@override_settings(AUTHENTICATION_BACKENDS=['django.contrib.auth.backends.AllowAllUsersModelBackend'])
+@override_settings(
+ AUTHENTICATION_BACKENDS=["django.contrib.auth.backends.AllowAllUsersModelBackend"]
+)
class AllowAllUsersModelBackendTest(TestCase):
"""
Inactive users may authenticate with the AllowAllUsersModelBackend.
"""
- user_credentials = {'username': 'test', 'password': 'test'}
+
+ user_credentials = {"username": "test", "password": "test"}
@classmethod
def setUpTestData(cls):
cls.user = User.objects.create_user(
- email='test@example.com', is_active=False,
- **cls.user_credentials
+ email="test@example.com", is_active=False, **cls.user_credentials
)
def test_authenticate(self):
generated by cgit v1.3 (git 2.53.0) at 2026-05-02 06:11:48 +0000