mirror of
https://github.com/django/django.git
synced 2024-12-01 15:42:04 +01:00
Fixed #19057 (again) -- added additional tests
This commit is contained in:
parent
81f5d4a1a7
commit
2b5f848207
@ -21,17 +21,12 @@ def check_password(environ, username, password):
|
||||
user = UserModel.objects.get_by_natural_key(username)
|
||||
except UserModel.DoesNotExist:
|
||||
return None
|
||||
try:
|
||||
if not user.is_active:
|
||||
return None
|
||||
except AttributeError as e:
|
||||
# a custom user may not support is_active
|
||||
if not user.is_active:
|
||||
return None
|
||||
return user.check_password(password)
|
||||
finally:
|
||||
db.close_connection()
|
||||
|
||||
|
||||
def groups_for_user(environ, username):
|
||||
"""
|
||||
Authorizes a user based on groups
|
||||
|
@ -2,31 +2,23 @@ from __future__ import unicode_literals
|
||||
|
||||
from django.contrib.auth.handlers.modwsgi import check_password, groups_for_user
|
||||
from django.contrib.auth.models import User, Group
|
||||
from django.contrib.auth.tests import CustomUser
|
||||
from django.contrib.auth.tests.utils import skipIfCustomUser
|
||||
from django.test import TransactionTestCase
|
||||
from django.test.utils import override_settings
|
||||
|
||||
|
||||
class ModWsgiHandlerTestCase(TransactionTestCase):
|
||||
"""
|
||||
Tests for the mod_wsgi authentication handler
|
||||
"""
|
||||
|
||||
def setUp(self):
|
||||
user1 = User.objects.create_user('test', 'test@example.com', 'test')
|
||||
User.objects.create_user('test1', 'test1@example.com', 'test1')
|
||||
group = Group.objects.create(name='test_group')
|
||||
user1.groups.add(group)
|
||||
|
||||
@skipIfCustomUser
|
||||
def test_check_password(self):
|
||||
"""
|
||||
Verify that check_password returns the correct values as per
|
||||
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
|
||||
|
||||
because the custom user available in the test framework does not
|
||||
support the is_active attribute, we can't test this with a custom
|
||||
user.
|
||||
"""
|
||||
User.objects.create_user('test', 'test@example.com', 'test')
|
||||
|
||||
# User not in database
|
||||
self.assertTrue(check_password({}, 'unknown', '') is None)
|
||||
@ -34,15 +26,43 @@ class ModWsgiHandlerTestCase(TransactionTestCase):
|
||||
# Valid user with correct password
|
||||
self.assertTrue(check_password({}, 'test', 'test'))
|
||||
|
||||
# correct password, but user is inactive
|
||||
User.objects.filter(username='test').update(is_active=False)
|
||||
self.assertFalse(check_password({}, 'test', 'test'))
|
||||
|
||||
# Valid user with incorrect password
|
||||
self.assertFalse(check_password({}, 'test', 'incorrect'))
|
||||
|
||||
@override_settings(AUTH_USER_MODEL='auth.CustomUser')
|
||||
def test_check_password_custom_user(self):
|
||||
"""
|
||||
Verify that check_password returns the correct values as per
|
||||
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
|
||||
|
||||
with custom user installed
|
||||
"""
|
||||
|
||||
CustomUser.objects.create_user('test@example.com', '1990-01-01', 'test')
|
||||
|
||||
# User not in database
|
||||
self.assertTrue(check_password({}, 'unknown', '') is None)
|
||||
|
||||
# Valid user with correct password'
|
||||
self.assertTrue(check_password({}, 'test@example.com', 'test'))
|
||||
|
||||
# Valid user with incorrect password
|
||||
self.assertFalse(check_password({}, 'test@example.com', 'incorrect'))
|
||||
|
||||
@skipIfCustomUser
|
||||
def test_groups_for_user(self):
|
||||
"""
|
||||
Check that groups_for_user returns correct values as per
|
||||
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Group_Authorisation
|
||||
"""
|
||||
user1 = User.objects.create_user('test', 'test@example.com', 'test')
|
||||
User.objects.create_user('test1', 'test1@example.com', 'test1')
|
||||
group = Group.objects.create(name='test_group')
|
||||
user1.groups.add(group)
|
||||
|
||||
# User not in database
|
||||
self.assertEqual(groups_for_user({}, 'unknown'), [])
|
||||
|
Loading…
Reference in New Issue
Block a user