Added more tests for decorators.

2025-10-31 09:41:08 +00:00 · 2023-09-13 10:00:01 +02:00
parent fe19b33e2f
commit 059cb0dbc9
3 changed files with 111 additions and 2 deletions
--- a/tests/decorators/test_csrf.py
+++ b/tests/decorators/test_csrf.py
@@ -1,8 +1,77 @@
 from asgiref.sync import iscoroutinefunction

+from django.conf import settings
 from django.http import HttpRequest, HttpResponse
 from django.test import SimpleTestCase
-from django.views.decorators.csrf import csrf_exempt
+from django.views.decorators.csrf import (
+    csrf_exempt,
+    csrf_protect,
+    ensure_csrf_cookie,
+    requires_csrf_token,
+)
+
+CSRF_TOKEN = "1bcdefghij2bcdefghij3bcdefghij4bcdefghij5bcdefghij6bcdefghijABCD"
+
+
+class CsrfTestMixin:
+    def get_request(self, token=CSRF_TOKEN):
+        request = HttpRequest()
+        request.method = "POST"
+        if token:
+            request.POST["csrfmiddlewaretoken"] = token
+            request.COOKIES[settings.CSRF_COOKIE_NAME] = token
+        return request
+
+
+class CsrfProtectTests(CsrfTestMixin, SimpleTestCase):
+    def test_csrf_protect_decorator(self):
+        @csrf_protect
+        def sync_view(request):
+            return HttpResponse()
+
+        request = self.get_request()
+        response = sync_view(request)
+        self.assertEqual(response.status_code, 200)
+        self.assertIs(request.csrf_processing_done, True)
+
+        with self.assertLogs("django.security.csrf", "WARNING"):
+            request = self.get_request(token=None)
+            response = sync_view(request)
+            self.assertEqual(response.status_code, 403)
+
+
+class RequiresCsrfTokenTests(CsrfTestMixin, SimpleTestCase):
+    def test_requires_csrf_token_decorator(self):
+        @requires_csrf_token
+        def sync_view(request):
+            return HttpResponse()
+
+        request = self.get_request()
+        response = sync_view(request)
+        self.assertEqual(response.status_code, 200)
+        self.assertIs(request.csrf_processing_done, True)
+
+        with self.assertNoLogs("django.security.csrf", "WARNING"):
+            request = self.get_request(token=None)
+            response = sync_view(request)
+            self.assertEqual(response.status_code, 200)
+
+
+class EnsureCsrfCookieTests(CsrfTestMixin, SimpleTestCase):
+    def test_ensure_csrf_cookie_decorator(self):
+        @ensure_csrf_cookie
+        def sync_view(request):
+            return HttpResponse()
+
+        request = self.get_request()
+        response = sync_view(request)
+        self.assertEqual(response.status_code, 200)
+        self.assertIs(request.csrf_processing_done, True)
+
+        with self.assertNoLogs("django.security.csrf", "WARNING"):
+            request = self.get_request(token=None)
+            response = sync_view(request)
+            self.assertEqual(response.status_code, 200)


 class CsrfExemptTests(SimpleTestCase):