mirror of https://github.com/django/django.git
209 lines
8.4 KiB
Python
209 lines
8.4 KiB
Python
from django.conf import settings
|
|
from django.contrib.auth import aget_user, get_user, get_user_model
|
|
from django.contrib.auth.models import AnonymousUser, User
|
|
from django.core.exceptions import ImproperlyConfigured
|
|
from django.db import IntegrityError
|
|
from django.http import HttpRequest
|
|
from django.test import TestCase, override_settings
|
|
from django.utils import translation
|
|
|
|
from .models import CustomUser
|
|
|
|
|
|
class BasicTestCase(TestCase):
|
|
def test_user(self):
|
|
"Users can be created and can set their password"
|
|
u = User.objects.create_user("testuser", "test@example.com", "testpw")
|
|
self.assertTrue(u.has_usable_password())
|
|
self.assertFalse(u.check_password("bad"))
|
|
self.assertTrue(u.check_password("testpw"))
|
|
|
|
# Check we can manually set an unusable password
|
|
u.set_unusable_password()
|
|
u.save()
|
|
self.assertFalse(u.check_password("testpw"))
|
|
self.assertFalse(u.has_usable_password())
|
|
u.set_password("testpw")
|
|
self.assertTrue(u.check_password("testpw"))
|
|
u.set_password(None)
|
|
self.assertFalse(u.has_usable_password())
|
|
|
|
# Check username getter
|
|
self.assertEqual(u.get_username(), "testuser")
|
|
|
|
# Check authentication/permissions
|
|
self.assertFalse(u.is_anonymous)
|
|
self.assertTrue(u.is_authenticated)
|
|
self.assertFalse(u.is_staff)
|
|
self.assertTrue(u.is_active)
|
|
self.assertFalse(u.is_superuser)
|
|
|
|
# Check API-based user creation with no password
|
|
u2 = User.objects.create_user("testuser2", "test2@example.com")
|
|
self.assertFalse(u2.has_usable_password())
|
|
|
|
async def test_acreate(self):
|
|
u = await User.objects.acreate_user("testuser", "test@example.com", "testpw")
|
|
self.assertTrue(u.has_usable_password())
|
|
self.assertFalse(await u.acheck_password("bad"))
|
|
self.assertTrue(await u.acheck_password("testpw"))
|
|
|
|
def test_unicode_username(self):
|
|
User.objects.create_user("jörg")
|
|
User.objects.create_user("Григорий")
|
|
# Two equivalent Unicode normalized usernames are duplicates.
|
|
omega_username = "iamtheΩ" # U+03A9 GREEK CAPITAL LETTER OMEGA
|
|
ohm_username = "iamtheΩ" # U+2126 OHM SIGN
|
|
User.objects.create_user(ohm_username)
|
|
with self.assertRaises(IntegrityError):
|
|
User.objects.create_user(omega_username)
|
|
|
|
def test_user_no_email(self):
|
|
"Users can be created without an email"
|
|
cases = [
|
|
{},
|
|
{"email": ""},
|
|
{"email": None},
|
|
]
|
|
for i, kwargs in enumerate(cases):
|
|
with self.subTest(**kwargs):
|
|
u = User.objects.create_user("testuser{}".format(i), **kwargs)
|
|
self.assertEqual(u.email, "")
|
|
|
|
def test_superuser(self):
|
|
"Check the creation and properties of a superuser"
|
|
super = User.objects.create_superuser("super", "super@example.com", "super")
|
|
self.assertTrue(super.is_superuser)
|
|
self.assertTrue(super.is_active)
|
|
self.assertTrue(super.is_staff)
|
|
|
|
async def test_asuperuser(self):
|
|
"Check the creation and properties of a superuser"
|
|
super = await User.objects.acreate_superuser(
|
|
"super", "super@example.com", "super"
|
|
)
|
|
self.assertTrue(super.is_superuser)
|
|
self.assertTrue(super.is_active)
|
|
self.assertTrue(super.is_staff)
|
|
|
|
def test_superuser_no_email_or_password(self):
|
|
cases = [
|
|
{},
|
|
{"email": ""},
|
|
{"email": None},
|
|
{"password": None},
|
|
]
|
|
for i, kwargs in enumerate(cases):
|
|
with self.subTest(**kwargs):
|
|
superuser = User.objects.create_superuser("super{}".format(i), **kwargs)
|
|
self.assertEqual(superuser.email, "")
|
|
self.assertFalse(superuser.has_usable_password())
|
|
|
|
def test_get_user_model(self):
|
|
"The current user model can be retrieved"
|
|
self.assertEqual(get_user_model(), User)
|
|
|
|
@override_settings(AUTH_USER_MODEL="auth_tests.CustomUser")
|
|
def test_swappable_user(self):
|
|
"The current user model can be swapped out for another"
|
|
self.assertEqual(get_user_model(), CustomUser)
|
|
with self.assertRaises(AttributeError):
|
|
User.objects.all()
|
|
|
|
@override_settings(AUTH_USER_MODEL="badsetting")
|
|
def test_swappable_user_bad_setting(self):
|
|
"The alternate user setting must point to something in the format app.model"
|
|
msg = "AUTH_USER_MODEL must be of the form 'app_label.model_name'"
|
|
with self.assertRaisesMessage(ImproperlyConfigured, msg):
|
|
get_user_model()
|
|
|
|
@override_settings(AUTH_USER_MODEL="thismodel.doesntexist")
|
|
def test_swappable_user_nonexistent_model(self):
|
|
"The current user model must point to an installed model"
|
|
msg = (
|
|
"AUTH_USER_MODEL refers to model 'thismodel.doesntexist' "
|
|
"that has not been installed"
|
|
)
|
|
with self.assertRaisesMessage(ImproperlyConfigured, msg):
|
|
get_user_model()
|
|
|
|
def test_user_verbose_names_translatable(self):
|
|
"Default User model verbose names are translatable (#19945)"
|
|
with translation.override("en"):
|
|
self.assertEqual(User._meta.verbose_name, "user")
|
|
self.assertEqual(User._meta.verbose_name_plural, "users")
|
|
with translation.override("es"):
|
|
self.assertEqual(User._meta.verbose_name, "usuario")
|
|
self.assertEqual(User._meta.verbose_name_plural, "usuarios")
|
|
|
|
|
|
class TestGetUser(TestCase):
|
|
def test_get_user_anonymous(self):
|
|
request = HttpRequest()
|
|
request.session = self.client.session
|
|
user = get_user(request)
|
|
self.assertIsInstance(user, AnonymousUser)
|
|
|
|
async def test_aget_user_anonymous(self):
|
|
request = HttpRequest()
|
|
request.session = await self.client.asession()
|
|
user = await aget_user(request)
|
|
self.assertIsInstance(user, AnonymousUser)
|
|
|
|
def test_get_user(self):
|
|
created_user = User.objects.create_user(
|
|
"testuser", "test@example.com", "testpw"
|
|
)
|
|
self.client.login(username="testuser", password="testpw")
|
|
request = HttpRequest()
|
|
request.session = self.client.session
|
|
user = get_user(request)
|
|
self.assertIsInstance(user, User)
|
|
self.assertEqual(user.username, created_user.username)
|
|
|
|
def test_get_user_fallback_secret(self):
|
|
created_user = User.objects.create_user(
|
|
"testuser", "test@example.com", "testpw"
|
|
)
|
|
self.client.login(username="testuser", password="testpw")
|
|
request = HttpRequest()
|
|
request.session = self.client.session
|
|
prev_session_key = request.session.session_key
|
|
with override_settings(
|
|
SECRET_KEY="newsecret",
|
|
SECRET_KEY_FALLBACKS=[settings.SECRET_KEY],
|
|
):
|
|
user = get_user(request)
|
|
self.assertIsInstance(user, User)
|
|
self.assertEqual(user.username, created_user.username)
|
|
self.assertNotEqual(request.session.session_key, prev_session_key)
|
|
# Remove the fallback secret.
|
|
# The session hash should be updated using the current secret.
|
|
with override_settings(SECRET_KEY="newsecret"):
|
|
user = get_user(request)
|
|
self.assertIsInstance(user, User)
|
|
self.assertEqual(user.username, created_user.username)
|
|
|
|
async def test_aget_user_fallback_secret(self):
|
|
created_user = await User.objects.acreate_user(
|
|
"testuser", "test@example.com", "testpw"
|
|
)
|
|
await self.client.alogin(username="testuser", password="testpw")
|
|
request = HttpRequest()
|
|
request.session = await self.client.asession()
|
|
prev_session_key = request.session.session_key
|
|
with override_settings(
|
|
SECRET_KEY="newsecret",
|
|
SECRET_KEY_FALLBACKS=[settings.SECRET_KEY],
|
|
):
|
|
user = await aget_user(request)
|
|
self.assertIsInstance(user, User)
|
|
self.assertEqual(user.username, created_user.username)
|
|
self.assertNotEqual(request.session.session_key, prev_session_key)
|
|
# Remove the fallback secret.
|
|
# The session hash should be updated using the current secret.
|
|
with override_settings(SECRET_KEY="newsecret"):
|
|
user = await aget_user(request)
|
|
self.assertIsInstance(user, User)
|
|
self.assertEqual(user.username, created_user.username)
|