Fixed #6552, #12031 - Make django.core.context_processors.auth lazy to avoid "Vary: Cookie"

Thanks to olau@iola.dk, Suor for the report git-svn-id: http://code.djangoproject.com/svn/django/trunk@11623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2025-10-24 06:06:09 +00:00 · 2009-10-14 18:09:13 +00:00
parent f14833ee67
commit c161bf21f0
12 changed files with 145 additions and 14 deletions
--- a/tests/regressiontests/context_processors/tests.py
+++ b/tests/regressiontests/context_processors/tests.py
@@ -36,3 +36,46 @@ class RequestContextProcessorTests(TestCase):
        self.assertContains(response, url)
        response = self.client.post(url, {'path': '/blah/'})
        self.assertContains(response, url)
+
+class AuthContextProcessorTests(TestCase):
+    """
+    Tests for the ``django.core.context_processors.auth`` processor
+    """
+    urls = 'regressiontests.context_processors.urls'
+    fixtures = ['context-processors-users.xml']
+
+    def test_session_not_accessed(self):
+        """
+        Tests that the session is not accessed simply by including
+        the auth context processor
+        """
+        response = self.client.get('/auth_processor_no_attr_access/')
+        self.assertContains(response, "Session not accessed")
+
+    def test_session_is_accessed(self):
+        """
+        Tests that the session is accessed if the auth context processor
+        is used and relevant attributes accessed.
+        """
+        response = self.client.get('/auth_processor_attr_access/')
+        self.assertContains(response, "Session accessed")
+
+    def test_perms_attrs(self):
+        self.client.login(username='super', password='secret')
+        response = self.client.get('/auth_processor_perms/')
+        self.assertContains(response, "Has auth permissions")
+
+    def test_message_attrs(self):
+        self.client.login(username='super', password='secret')
+        response = self.client.get('/auth_processor_messages/')
+        self.assertContains(response, "Message 1")
+
+    def test_user_attrs(self):
+        """
+        Test that ContextLazyObject wraps objects properly
+        """
+        self.client.login(username='super', password='secret')
+        response = self.client.get('/auth_processor_user/')
+        self.assertContains(response, "unicode: super")
+        self.assertContains(response, "id: 100")
+        self.assertContains(response, "username: super")