django1/django/contrib/auth/tests/basic.py

from django.test import TestCase
from django.utils.unittest import skipUnless
from django.contrib.auth.models import User, AnonymousUser
from django.contrib.auth import utils
from django.core.management import call_command
from StringIO import StringIO

try:
    import crypt as crypt_module
except ImportError:
    crypt_module = None


class BasicTestCase(TestCase):
    def test_user(self):
        "Check that users can be created and can set their password"
        u = User.objects.create_user('testuser', 'test@example.com', 'testpw')
        self.assertTrue(u.has_usable_password())
        self.assertFalse(u.check_password('bad'))
        self.assertTrue(u.check_password('testpw'))

        # Check we can manually set an unusable password
        u.set_unusable_password()
        u.save()
        self.assertFalse(u.check_password('testpw'))
        self.assertFalse(u.has_usable_password())
        u.set_password('testpw')
        self.assertTrue(u.check_password('testpw'))
        u.set_password(None)
        self.assertFalse(u.has_usable_password())

        # Check authentication/permissions
        self.assertTrue(u.is_authenticated())
        self.assertFalse(u.is_staff)
        self.assertTrue(u.is_active)
        self.assertFalse(u.is_superuser)

        # Check API-based user creation with no password
        u2 = User.objects.create_user('testuser2', 'test2@example.com')
        self.assertFalse(u.has_usable_password())

    def test_user_no_email(self):
        "Check that users can be created without an email"
        u = User.objects.create_user('testuser1')
        self.assertEqual(u.email, '')

        u2 = User.objects.create_user('testuser2', email='')
        self.assertEqual(u2.email, '')

        u3 = User.objects.create_user('testuser3', email=None)
        self.assertEqual(u3.email, '')

    def test_anonymous_user(self):
        "Check the properties of the anonymous user"
        a = AnonymousUser()
        self.assertFalse(a.is_authenticated())
        self.assertFalse(a.is_staff)
        self.assertFalse(a.is_active)
        self.assertFalse(a.is_superuser)
        self.assertEqual(a.groups.all().count(), 0)
        self.assertEqual(a.user_permissions.all().count(), 0)

    def test_superuser(self):
        "Check the creation and properties of a superuser"
        super = User.objects.create_superuser('super', 'super@example.com', 'super')
        self.assertTrue(super.is_superuser)
        self.assertTrue(super.is_active)
        self.assertTrue(super.is_staff)

    def test_createsuperuser_management_command(self):
        "Check the operation of the createsuperuser management command"
        # We can use the management command to create a superuser
        new_io = StringIO()
        call_command("createsuperuser",
            interactive=False,
            username="joe",
            email="joe@somewhere.org",
            stdout=new_io
        )
        command_output = new_io.getvalue().strip()
        self.assertEqual(command_output, 'Superuser created successfully.')
        u = User.objects.get(username="joe")
        self.assertEqual(u.email, 'joe@somewhere.org')

        # created password should be unusable
        self.assertFalse(u.has_usable_password())

        # We can supress output on the management command
        new_io = StringIO()
        call_command("createsuperuser",
            interactive=False,
            username="joe2",
            email="joe2@somewhere.org",
            verbosity=0,
            stdout=new_io
        )
        command_output = new_io.getvalue().strip()
        self.assertEqual(command_output, '')
        u = User.objects.get(username="joe2")
        self.assertEqual(u.email, 'joe2@somewhere.org')
        self.assertFalse(u.has_usable_password())


        new_io = StringIO()
        call_command("createsuperuser",
            interactive=False,
            username="joe+admin@somewhere.org",
            email="joe@somewhere.org",
            stdout=new_io
        )
        u = User.objects.get(username="joe+admin@somewhere.org")
        self.assertEqual(u.email, 'joe@somewhere.org')
        self.assertFalse(u.has_usable_password())


class PasswordUtilsTestCase(TestCase):

    def _test_make_password(self, algo):
        password = utils.make_password(algo, "foobar")
        self.assertTrue(utils.is_password_usable(password))
        self.assertTrue(utils.check_password("foobar", password))

    def test_make_unusable(self):
        "Check that you can create an unusable password."
        password = utils.make_password("any", None)
        self.assertFalse(utils.is_password_usable(password))
        self.assertFalse(utils.check_password("foobar", password))

    def test_make_password_sha1(self):
        "Check creating passwords with SHA1 algorithm."
        self._test_make_password("sha1")

    def test_make_password_md5(self):
        "Check creating passwords with MD5 algorithm."
        self._test_make_password("md5")

    @skipUnless(crypt_module, "no crypt module to generate password.")
    def test_make_password_crypt(self):
        "Check creating passwords with CRYPT algorithm."
        self._test_make_password("crypt")
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`from django.test import TestCase`
Fixed #14390 and #16262 -- Moved password related functions from auth models to utils module and stopped check_password from throwing an exception. Thanks, subsume and lrekucki. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16456 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-27 00:51:46 +08:00			`from django.utils.unittest import skipUnless`
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`from django.contrib.auth.models import User, AnonymousUser`
Fixed #14390 and #16262 -- Moved password related functions from auth models to utils module and stopped check_password from throwing an exception. Thanks, subsume and lrekucki. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16456 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-27 00:51:46 +08:00			`from django.contrib.auth import utils`
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`from django.core.management import call_command`
			`from StringIO import StringIO`
Merged the newforms-admin branch into trunk. This is a backward incompatible change. The admin contrib app has been refactored. The newforms module has several improvements including FormSets and Media definitions. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7967 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2008-07-19 07:54:34 +08:00
Fixed #14390 and #16262 -- Moved password related functions from auth models to utils module and stopped check_password from throwing an exception. Thanks, subsume and lrekucki. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16456 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-27 00:51:46 +08:00			`try:`
			`import crypt as crypt_module`
			`except ImportError:`
			`crypt_module = None`


Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`class BasicTestCase(TestCase):`
			`def test_user(self):`
			`"Check that users can be created and can set their password"`
			`u = User.objects.create_user('testuser', 'test@example.com', 'testpw')`
			`self.assertTrue(u.has_usable_password())`
			`self.assertFalse(u.check_password('bad'))`
			`self.assertTrue(u.check_password('testpw'))`
Fixed #6174 -- Made `AnonymousUser.is_active` False instead of True since `AnonymousUser`s can't login. Thanks, `SmileyChris`. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6912 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-12-11 14:37:07 +08:00
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`# Check we can manually set an unusable password`
			`u.set_unusable_password()`
			`u.save()`
			`self.assertFalse(u.check_password('testpw'))`
			`self.assertFalse(u.has_usable_password())`
			`u.set_password('testpw')`
			`self.assertTrue(u.check_password('testpw'))`
			`u.set_password(None)`
			`self.assertFalse(u.has_usable_password())`
Fixed #6174 -- Made `AnonymousUser.is_active` False instead of True since `AnonymousUser`s can't login. Thanks, `SmileyChris`. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6912 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2007-12-11 14:37:07 +08:00
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`# Check authentication/permissions`
			`self.assertTrue(u.is_authenticated())`
			`self.assertFalse(u.is_staff)`
			`self.assertTrue(u.is_active)`
			`self.assertFalse(u.is_superuser)`
Fixed #5614: added 'manage.py createsuperuser'. Thanks, programmerq. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7590 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2008-06-08 13:31:16 +08:00
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`# Check API-based user creation with no password`
			`u2 = User.objects.create_user('testuser2', 'test2@example.com')`
			`self.assertFalse(u.has_usable_password())`
Fixed #8140 -- Made `UserManager.create_superuser` return the new `User` object, based on patch from ericholscher. git-svn-id: http://code.djangoproject.com/svn/django/trunk@10217 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2009-03-31 06:00:07 +08:00
Make the email parameter of User.objects.create_user optional. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16472 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-28 12:29:48 +08:00			`def test_user_no_email(self):`
			`"Check that users can be created without an email"`
			`u = User.objects.create_user('testuser1')`
Fixed #16363 -- Fixed tests introduced in r16472. Thanks, EnTeQuAk. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16478 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-28 18:17:36 +08:00			`self.assertEqual(u.email, '')`
Make the email parameter of User.objects.create_user optional. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16472 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-28 12:29:48 +08:00
			`u2 = User.objects.create_user('testuser2', email='')`
Fixed #16363 -- Fixed tests introduced in r16472. Thanks, EnTeQuAk. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16478 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-28 18:17:36 +08:00			`self.assertEqual(u2.email, '')`
Make the email parameter of User.objects.create_user optional. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16472 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-28 12:29:48 +08:00
			`u3 = User.objects.create_user('testuser3', email=None)`
Fixed #16363 -- Fixed tests introduced in r16472. Thanks, EnTeQuAk. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16478 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-28 18:17:36 +08:00			`self.assertEqual(u3.email, '')`
Make the email parameter of User.objects.create_user optional. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16472 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-28 12:29:48 +08:00
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`def test_anonymous_user(self):`
			`"Check the properties of the anonymous user"`
			`a = AnonymousUser()`
			`self.assertFalse(a.is_authenticated())`
			`self.assertFalse(a.is_staff)`
			`self.assertFalse(a.is_active)`
			`self.assertFalse(a.is_superuser)`
			`self.assertEqual(a.groups.all().count(), 0)`
			`self.assertEqual(a.user_permissions.all().count(), 0)`
Fixed #5614: added 'manage.py createsuperuser'. Thanks, programmerq. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7590 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2008-06-08 13:31:16 +08:00
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`def test_superuser(self):`
			`"Check the creation and properties of a superuser"`
			`super = User.objects.create_superuser('super', 'super@example.com', 'super')`
			`self.assertTrue(super.is_superuser)`
			`self.assertTrue(super.is_active)`
			`self.assertTrue(super.is_staff)`
Fixed #5614: added 'manage.py createsuperuser'. Thanks, programmerq. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7590 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2008-06-08 13:31:16 +08:00
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00			`def test_createsuperuser_management_command(self):`
			`"Check the operation of the createsuperuser management command"`
			`# We can use the management command to create a superuser`
			`new_io = StringIO()`
			`call_command("createsuperuser",`
			`interactive=False,`
			`username="joe",`
			`email="joe@somewhere.org",`
			`stdout=new_io`
			`)`
			`command_output = new_io.getvalue().strip()`
			`self.assertEqual(command_output, 'Superuser created successfully.')`
			`u = User.objects.get(username="joe")`
Updated test assertions that have been deprecated by the move to unittest2. In summary, this means: assert_ -> assertTrue assertEquals -> assertEqual failUnless -> assertTrue For full details, see http://www.voidspace.org.uk/python/articles/unittest2.shtml#deprecations git-svn-id: http://code.djangoproject.com/svn/django/trunk@15728 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-03-03 23:04:39 +08:00			`self.assertEqual(u.email, 'joe@somewhere.org')`
Fixed #15371 -- Ensure that a superuser created with the createsuperuser management command with --noinput has an invalid password, not a blank password. Thanks to yishaibeeri for the report and patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15631 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-02-22 19:33:04 +08:00
			`# created password should be unusable`
			`self.assertFalse(u.has_usable_password())`
Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00
			`# We can supress output on the management command`
			`new_io = StringIO()`
			`call_command("createsuperuser",`
			`interactive=False,`
			`username="joe2",`
			`email="joe2@somewhere.org",`
			`verbosity=0,`
			`stdout=new_io`
			`)`
			`command_output = new_io.getvalue().strip()`
			`self.assertEqual(command_output, '')`
			`u = User.objects.get(username="joe2")`
Updated test assertions that have been deprecated by the move to unittest2. In summary, this means: assert_ -> assertTrue assertEquals -> assertEqual failUnless -> assertTrue For full details, see http://www.voidspace.org.uk/python/articles/unittest2.shtml#deprecations git-svn-id: http://code.djangoproject.com/svn/django/trunk@15728 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-03-03 23:04:39 +08:00			`self.assertEqual(u.email, 'joe2@somewhere.org')`
Fixed #15371 -- Ensure that a superuser created with the createsuperuser management command with --noinput has an invalid password, not a blank password. Thanks to yishaibeeri for the report and patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15631 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-02-22 19:33:04 +08:00			`self.assertFalse(u.has_usable_password())`

Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-10-09 11:34:08 +08:00
			`new_io = StringIO()`
			`call_command("createsuperuser",`
			`interactive=False,`
			`username="joe+admin@somewhere.org",`
			`email="joe@somewhere.org",`
			`stdout=new_io`
			`)`
			`u = User.objects.get(username="joe+admin@somewhere.org")`
Updated test assertions that have been deprecated by the move to unittest2. In summary, this means: assert_ -> assertTrue assertEquals -> assertEqual failUnless -> assertTrue For full details, see http://www.voidspace.org.uk/python/articles/unittest2.shtml#deprecations git-svn-id: http://code.djangoproject.com/svn/django/trunk@15728 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-03-03 23:04:39 +08:00			`self.assertEqual(u.email, 'joe@somewhere.org')`
Fixed #15371 -- Ensure that a superuser created with the createsuperuser management command with --noinput has an invalid password, not a blank password. Thanks to yishaibeeri for the report and patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15631 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-02-22 19:33:04 +08:00			`self.assertFalse(u.has_usable_password())`
Fixed #13569 -- Fixed createsuperuser management command to work with the new relaxed requirements for usernames. git-svn-id: http://code.djangoproject.com/svn/django/trunk@13297 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2010-05-21 22:08:49 +08:00
Fixed #14390 and #16262 -- Moved password related functions from auth models to utils module and stopped check_password from throwing an exception. Thanks, subsume and lrekucki. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16456 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-27 00:51:46 +08:00
			`class PasswordUtilsTestCase(TestCase):`

			`def _test_make_password(self, algo):`
			`password = utils.make_password(algo, "foobar")`
			`self.assertTrue(utils.is_password_usable(password))`
			`self.assertTrue(utils.check_password("foobar", password))`

			`def test_make_unusable(self):`
			`"Check that you can create an unusable password."`
			`password = utils.make_password("any", None)`
			`self.assertFalse(utils.is_password_usable(password))`
			`self.assertFalse(utils.check_password("foobar", password))`

			`def test_make_password_sha1(self):`
			`"Check creating passwords with SHA1 algorithm."`
			`self._test_make_password("sha1")`

			`def test_make_password_md5(self):`
			`"Check creating passwords with MD5 algorithm."`
			`self._test_make_password("md5")`

			`@skipUnless(crypt_module, "no crypt module to generate password.")`
			`def test_make_password_crypt(self):`
			`"Check creating passwords with CRYPT algorithm."`
			`self._test_make_password("crypt")`