innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Normalized check framework test pattern.

This commit is contained in:
Adam Johnson 2020-03-21 19:14:02 +00:00 committed by GitHub
parent 2117b7c12e
commit ffde4d5da8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 66 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
tests/check_framework/test_caches.py
View File

@ -1,4 +1,4 @@
from django.core.checks.caches import E001 from django.core.checks.caches import E001, check_default_cache_is_configured
from django.test import SimpleTestCase from django.test import SimpleTestCase
from django.test.utils import override_settings from django.test.utils import override_settings
@ -15,21 +15,16 @@ class CheckCacheSettingsAppDirsTest(SimpleTestCase):
}, },
} }
@property
def func(self):
from django.core.checks.caches import check_default_cache_is_configured
return check_default_cache_is_configured
@override_settings(CACHES=VALID_CACHES_CONFIGURATION) @override_settings(CACHES=VALID_CACHES_CONFIGURATION)
def test_default_cache_included(self): def test_default_cache_included(self):
""" """
Don't error if 'default' is present in CACHES setting. Don't error if 'default' is present in CACHES setting.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(check_default_cache_is_configured(None), [])
@override_settings(CACHES=INVALID_CACHES_CONFIGURATION) @override_settings(CACHES=INVALID_CACHES_CONFIGURATION)
def test_default_cache_not_included(self): def test_default_cache_not_included(self):
""" """
Error if 'default' not present in CACHES setting. Error if 'default' not present in CACHES setting.
""" """
self.assertEqual(self.func(None), [E001]) self.assertEqual(check_default_cache_is_configured(None), [E001])

185
tests/check_framework/test_security.py
View File

@ -5,11 +5,6 @@ from django.test.utils import override_settings
class CheckSessionCookieSecureTest(SimpleTestCase): class CheckSessionCookieSecureTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.sessions import check_session_cookie_secure
return check_session_cookie_secure
@override_settings( @override_settings(
SESSION_COOKIE_SECURE=False, SESSION_COOKIE_SECURE=False,
INSTALLED_APPS=["django.contrib.sessions"], INSTALLED_APPS=["django.contrib.sessions"],
@ -20,7 +15,7 @@ class CheckSessionCookieSecureTest(SimpleTestCase):
Warn if SESSION_COOKIE_SECURE is off and "django.contrib.sessions" is Warn if SESSION_COOKIE_SECURE is off and "django.contrib.sessions" is
in INSTALLED_APPS. in INSTALLED_APPS.
""" """
self.assertEqual(self.func(None), [sessions.W010]) self.assertEqual(sessions.check_session_cookie_secure(None), [sessions.W010])
@override_settings( @override_settings(
SESSION_COOKIE_SECURE=False, SESSION_COOKIE_SECURE=False,
@ -33,7 +28,7 @@ class CheckSessionCookieSecureTest(SimpleTestCase):
"django.contrib.sessions.middleware.SessionMiddleware" is in "django.contrib.sessions.middleware.SessionMiddleware" is in
MIDDLEWARE. MIDDLEWARE.
""" """
self.assertEqual(self.func(None), [sessions.W011]) self.assertEqual(sessions.check_session_cookie_secure(None), [sessions.W011])
@override_settings( @override_settings(
SESSION_COOKIE_SECURE=False, SESSION_COOKIE_SECURE=False,
@ -45,7 +40,7 @@ class CheckSessionCookieSecureTest(SimpleTestCase):
If SESSION_COOKIE_SECURE is off and we find both the session app and If SESSION_COOKIE_SECURE is off and we find both the session app and
the middleware, provide one common warning. the middleware, provide one common warning.
""" """
self.assertEqual(self.func(None), [sessions.W012]) self.assertEqual(sessions.check_session_cookie_secure(None), [sessions.W012])
@override_settings( @override_settings(
SESSION_COOKIE_SECURE=True, SESSION_COOKIE_SECURE=True,
@ -56,15 +51,10 @@ class CheckSessionCookieSecureTest(SimpleTestCase):
""" """
If SESSION_COOKIE_SECURE is on, there's no warning about it. If SESSION_COOKIE_SECURE is on, there's no warning about it.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(sessions.check_session_cookie_secure(None), [])
class CheckSessionCookieHttpOnlyTest(SimpleTestCase): class CheckSessionCookieHttpOnlyTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.sessions import check_session_cookie_httponly
return check_session_cookie_httponly
@override_settings( @override_settings(
SESSION_COOKIE_HTTPONLY=False, SESSION_COOKIE_HTTPONLY=False,
INSTALLED_APPS=["django.contrib.sessions"], INSTALLED_APPS=["django.contrib.sessions"],
@ -75,7 +65,7 @@ class CheckSessionCookieHttpOnlyTest(SimpleTestCase):
Warn if SESSION_COOKIE_HTTPONLY is off and "django.contrib.sessions" Warn if SESSION_COOKIE_HTTPONLY is off and "django.contrib.sessions"
is in INSTALLED_APPS. is in INSTALLED_APPS.
""" """
self.assertEqual(self.func(None), [sessions.W013]) self.assertEqual(sessions.check_session_cookie_httponly(None), [sessions.W013])
@override_settings( @override_settings(
SESSION_COOKIE_HTTPONLY=False, SESSION_COOKIE_HTTPONLY=False,
@ -88,7 +78,7 @@ class CheckSessionCookieHttpOnlyTest(SimpleTestCase):
"django.contrib.sessions.middleware.SessionMiddleware" is in "django.contrib.sessions.middleware.SessionMiddleware" is in
MIDDLEWARE. MIDDLEWARE.
""" """
self.assertEqual(self.func(None), [sessions.W014]) self.assertEqual(sessions.check_session_cookie_httponly(None), [sessions.W014])
@override_settings( @override_settings(
SESSION_COOKIE_HTTPONLY=False, SESSION_COOKIE_HTTPONLY=False,
@ -100,7 +90,7 @@ class CheckSessionCookieHttpOnlyTest(SimpleTestCase):
If SESSION_COOKIE_HTTPONLY is off and we find both the session app and If SESSION_COOKIE_HTTPONLY is off and we find both the session app and
the middleware, provide one common warning. the middleware, provide one common warning.
""" """
self.assertEqual(self.func(None), [sessions.W015]) self.assertEqual(sessions.check_session_cookie_httponly(None), [sessions.W015])
@override_settings( @override_settings(
SESSION_COOKIE_HTTPONLY=True, SESSION_COOKIE_HTTPONLY=True,
@ -111,33 +101,23 @@ class CheckSessionCookieHttpOnlyTest(SimpleTestCase):
""" """
If SESSION_COOKIE_HTTPONLY is on, there's no warning about it. If SESSION_COOKIE_HTTPONLY is on, there's no warning about it.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(sessions.check_session_cookie_httponly(None), [])
class CheckCSRFMiddlewareTest(SimpleTestCase): class CheckCSRFMiddlewareTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.csrf import check_csrf_middleware
return check_csrf_middleware
@override_settings(MIDDLEWARE=[]) @override_settings(MIDDLEWARE=[])
def test_no_csrf_middleware(self): def test_no_csrf_middleware(self):
""" """
Warn if CsrfViewMiddleware isn't in MIDDLEWARE. Warn if CsrfViewMiddleware isn't in MIDDLEWARE.
""" """
self.assertEqual(self.func(None), [csrf.W003]) self.assertEqual(csrf.check_csrf_middleware(None), [csrf.W003])
@override_settings(MIDDLEWARE=['django.middleware.csrf.CsrfViewMiddleware']) @override_settings(MIDDLEWARE=['django.middleware.csrf.CsrfViewMiddleware'])
def test_with_csrf_middleware(self): def test_with_csrf_middleware(self):
self.assertEqual(self.func(None), []) self.assertEqual(csrf.check_csrf_middleware(None), [])
class CheckCSRFCookieSecureTest(SimpleTestCase): class CheckCSRFCookieSecureTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.csrf import check_csrf_cookie_secure
return check_csrf_cookie_secure
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.csrf.CsrfViewMiddleware"], MIDDLEWARE=["django.middleware.csrf.CsrfViewMiddleware"],
CSRF_COOKIE_SECURE=False, CSRF_COOKIE_SECURE=False,
@ -147,7 +127,7 @@ class CheckCSRFCookieSecureTest(SimpleTestCase):
Warn if CsrfViewMiddleware is in MIDDLEWARE but Warn if CsrfViewMiddleware is in MIDDLEWARE but
CSRF_COOKIE_SECURE isn't True. CSRF_COOKIE_SECURE isn't True.
""" """
self.assertEqual(self.func(None), [csrf.W016]) self.assertEqual(csrf.check_csrf_cookie_secure(None), [csrf.W016])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.csrf.CsrfViewMiddleware"], MIDDLEWARE=["django.middleware.csrf.CsrfViewMiddleware"],
@ -159,7 +139,7 @@ class CheckCSRFCookieSecureTest(SimpleTestCase):
No warning if CSRF_COOKIE_SECURE isn't True while CSRF_USE_SESSIONS No warning if CSRF_COOKIE_SECURE isn't True while CSRF_USE_SESSIONS
is True. is True.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(csrf.check_csrf_cookie_secure(None), [])
@override_settings(MIDDLEWARE=[], CSRF_COOKIE_SECURE=False) @override_settings(MIDDLEWARE=[], CSRF_COOKIE_SECURE=False)
def test_with_csrf_cookie_secure_false_no_middleware(self): def test_with_csrf_cookie_secure_false_no_middleware(self):
@ -167,40 +147,30 @@ class CheckCSRFCookieSecureTest(SimpleTestCase):
No warning if CsrfViewMiddleware isn't in MIDDLEWARE, even if No warning if CsrfViewMiddleware isn't in MIDDLEWARE, even if
CSRF_COOKIE_SECURE is False. CSRF_COOKIE_SECURE is False.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(csrf.check_csrf_cookie_secure(None), [])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.csrf.CsrfViewMiddleware"], MIDDLEWARE=["django.middleware.csrf.CsrfViewMiddleware"],
CSRF_COOKIE_SECURE=True, CSRF_COOKIE_SECURE=True,
) )
def test_with_csrf_cookie_secure_true(self): def test_with_csrf_cookie_secure_true(self):
self.assertEqual(self.func(None), []) self.assertEqual(csrf.check_csrf_cookie_secure(None), [])
class CheckSecurityMiddlewareTest(SimpleTestCase): class CheckSecurityMiddlewareTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_security_middleware
return check_security_middleware
@override_settings(MIDDLEWARE=[]) @override_settings(MIDDLEWARE=[])
def test_no_security_middleware(self): def test_no_security_middleware(self):
""" """
Warn if SecurityMiddleware isn't in MIDDLEWARE. Warn if SecurityMiddleware isn't in MIDDLEWARE.
""" """
self.assertEqual(self.func(None), [base.W001]) self.assertEqual(base.check_security_middleware(None), [base.W001])
@override_settings(MIDDLEWARE=['django.middleware.security.SecurityMiddleware']) @override_settings(MIDDLEWARE=['django.middleware.security.SecurityMiddleware'])
def test_with_security_middleware(self): def test_with_security_middleware(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_security_middleware(None), [])
class CheckStrictTransportSecurityTest(SimpleTestCase): class CheckStrictTransportSecurityTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_sts
return check_sts
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
SECURE_HSTS_SECONDS=0, SECURE_HSTS_SECONDS=0,
@ -209,7 +179,7 @@ class CheckStrictTransportSecurityTest(SimpleTestCase):
""" """
Warn if SECURE_HSTS_SECONDS isn't > 0. Warn if SECURE_HSTS_SECONDS isn't > 0.
""" """
self.assertEqual(self.func(None), [base.W004]) self.assertEqual(base.check_sts(None), [base.W004])
@override_settings(MIDDLEWARE=[], SECURE_HSTS_SECONDS=0) @override_settings(MIDDLEWARE=[], SECURE_HSTS_SECONDS=0)
def test_no_sts_no_middleware(self): def test_no_sts_no_middleware(self):
@ -217,22 +187,17 @@ class CheckStrictTransportSecurityTest(SimpleTestCase):
Don't warn if SECURE_HSTS_SECONDS isn't > 0 and SecurityMiddleware isn't Don't warn if SECURE_HSTS_SECONDS isn't > 0 and SecurityMiddleware isn't
installed. installed.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(base.check_sts(None), [])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
SECURE_HSTS_SECONDS=3600, SECURE_HSTS_SECONDS=3600,
) )
def test_with_sts(self): def test_with_sts(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_sts(None), [])
class CheckStrictTransportSecuritySubdomainsTest(SimpleTestCase): class CheckStrictTransportSecuritySubdomainsTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_sts_include_subdomains
return check_sts_include_subdomains
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
SECURE_HSTS_INCLUDE_SUBDOMAINS=False, SECURE_HSTS_INCLUDE_SUBDOMAINS=False,
@ -242,7 +207,7 @@ class CheckStrictTransportSecuritySubdomainsTest(SimpleTestCase):
""" """
Warn if SECURE_HSTS_INCLUDE_SUBDOMAINS isn't True. Warn if SECURE_HSTS_INCLUDE_SUBDOMAINS isn't True.
""" """
self.assertEqual(self.func(None), [base.W005]) self.assertEqual(base.check_sts_include_subdomains(None), [base.W005])
@override_settings( @override_settings(
MIDDLEWARE=[], MIDDLEWARE=[],
@ -253,7 +218,7 @@ class CheckStrictTransportSecuritySubdomainsTest(SimpleTestCase):
""" """
Don't warn if SecurityMiddleware isn't installed. Don't warn if SecurityMiddleware isn't installed.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(base.check_sts_include_subdomains(None), [])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
@ -264,7 +229,7 @@ class CheckStrictTransportSecuritySubdomainsTest(SimpleTestCase):
""" """
Don't warn if SECURE_HSTS_SECONDS isn't set. Don't warn if SECURE_HSTS_SECONDS isn't set.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(base.check_sts_include_subdomains(None), [])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
@ -272,15 +237,10 @@ class CheckStrictTransportSecuritySubdomainsTest(SimpleTestCase):
SECURE_HSTS_SECONDS=3600, SECURE_HSTS_SECONDS=3600,
) )
def test_with_sts_subdomains(self): def test_with_sts_subdomains(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_sts_include_subdomains(None), [])
class CheckStrictTransportSecurityPreloadTest(SimpleTestCase): class CheckStrictTransportSecurityPreloadTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_sts_preload
return check_sts_preload
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
SECURE_HSTS_PRELOAD=False, SECURE_HSTS_PRELOAD=False,
@ -290,14 +250,14 @@ class CheckStrictTransportSecurityPreloadTest(SimpleTestCase):
""" """
Warn if SECURE_HSTS_PRELOAD isn't True. Warn if SECURE_HSTS_PRELOAD isn't True.
""" """
self.assertEqual(self.func(None), [base.W021]) self.assertEqual(base.check_sts_preload(None), [base.W021])
@override_settings(MIDDLEWARE=[], SECURE_HSTS_PRELOAD=False, SECURE_HSTS_SECONDS=3600) @override_settings(MIDDLEWARE=[], SECURE_HSTS_PRELOAD=False, SECURE_HSTS_SECONDS=3600)
def test_no_sts_preload_no_middleware(self): def test_no_sts_preload_no_middleware(self):
""" """
Don't warn if SecurityMiddleware isn't installed. Don't warn if SecurityMiddleware isn't installed.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(base.check_sts_preload(None), [])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
@ -308,7 +268,7 @@ class CheckStrictTransportSecurityPreloadTest(SimpleTestCase):
""" """
Don't warn if SECURE_HSTS_SECONDS isn't set. Don't warn if SECURE_HSTS_SECONDS isn't set.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(base.check_sts_preload(None), [])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
@ -316,33 +276,23 @@ class CheckStrictTransportSecurityPreloadTest(SimpleTestCase):
SECURE_HSTS_SECONDS=3600, SECURE_HSTS_SECONDS=3600,
) )
def test_with_sts_preload(self): def test_with_sts_preload(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_sts_preload(None), [])
class CheckXFrameOptionsMiddlewareTest(SimpleTestCase): class CheckXFrameOptionsMiddlewareTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_xframe_options_middleware
return check_xframe_options_middleware
@override_settings(MIDDLEWARE=[]) @override_settings(MIDDLEWARE=[])
def test_middleware_not_installed(self): def test_middleware_not_installed(self):
""" """
Warn if XFrameOptionsMiddleware isn't in MIDDLEWARE. Warn if XFrameOptionsMiddleware isn't in MIDDLEWARE.
""" """
self.assertEqual(self.func(None), [base.W002]) self.assertEqual(base.check_xframe_options_middleware(None), [base.W002])
@override_settings(MIDDLEWARE=["django.middleware.clickjacking.XFrameOptionsMiddleware"]) @override_settings(MIDDLEWARE=["django.middleware.clickjacking.XFrameOptionsMiddleware"])
def test_middleware_installed(self): def test_middleware_installed(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_xframe_options_middleware(None), [])
class CheckXFrameOptionsDenyTest(SimpleTestCase): class CheckXFrameOptionsDenyTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_xframe_deny
return check_xframe_deny
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.clickjacking.XFrameOptionsMiddleware"], MIDDLEWARE=["django.middleware.clickjacking.XFrameOptionsMiddleware"],
X_FRAME_OPTIONS='SAMEORIGIN', X_FRAME_OPTIONS='SAMEORIGIN',
@ -352,7 +302,7 @@ class CheckXFrameOptionsDenyTest(SimpleTestCase):
Warn if XFrameOptionsMiddleware is in MIDDLEWARE but Warn if XFrameOptionsMiddleware is in MIDDLEWARE but
X_FRAME_OPTIONS isn't 'DENY'. X_FRAME_OPTIONS isn't 'DENY'.
""" """
self.assertEqual(self.func(None), [base.W019]) self.assertEqual(base.check_xframe_deny(None), [base.W019])
@override_settings(MIDDLEWARE=[], X_FRAME_OPTIONS='SAMEORIGIN') @override_settings(MIDDLEWARE=[], X_FRAME_OPTIONS='SAMEORIGIN')
def test_middleware_not_installed(self): def test_middleware_not_installed(self):
@ -360,22 +310,17 @@ class CheckXFrameOptionsDenyTest(SimpleTestCase):
No error if XFrameOptionsMiddleware isn't in MIDDLEWARE even if No error if XFrameOptionsMiddleware isn't in MIDDLEWARE even if
X_FRAME_OPTIONS isn't 'DENY'. X_FRAME_OPTIONS isn't 'DENY'.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(base.check_xframe_deny(None), [])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.clickjacking.XFrameOptionsMiddleware"], MIDDLEWARE=["django.middleware.clickjacking.XFrameOptionsMiddleware"],
X_FRAME_OPTIONS='DENY', X_FRAME_OPTIONS='DENY',
) )
def test_xframe_deny(self): def test_xframe_deny(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_xframe_deny(None), [])
class CheckContentTypeNosniffTest(SimpleTestCase): class CheckContentTypeNosniffTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_content_type_nosniff
return check_content_type_nosniff
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
SECURE_CONTENT_TYPE_NOSNIFF=False, SECURE_CONTENT_TYPE_NOSNIFF=False,
@ -384,7 +329,7 @@ class CheckContentTypeNosniffTest(SimpleTestCase):
""" """
Warn if SECURE_CONTENT_TYPE_NOSNIFF isn't True. Warn if SECURE_CONTENT_TYPE_NOSNIFF isn't True.
""" """
self.assertEqual(self.func(None), [base.W006]) self.assertEqual(base.check_content_type_nosniff(None), [base.W006])
@override_settings(MIDDLEWARE=[], SECURE_CONTENT_TYPE_NOSNIFF=False) @override_settings(MIDDLEWARE=[], SECURE_CONTENT_TYPE_NOSNIFF=False)
def test_no_content_type_nosniff_no_middleware(self): def test_no_content_type_nosniff_no_middleware(self):
@ -392,22 +337,17 @@ class CheckContentTypeNosniffTest(SimpleTestCase):
Don't warn if SECURE_CONTENT_TYPE_NOSNIFF isn't True and Don't warn if SECURE_CONTENT_TYPE_NOSNIFF isn't True and
SecurityMiddleware isn't in MIDDLEWARE. SecurityMiddleware isn't in MIDDLEWARE.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(base.check_content_type_nosniff(None), [])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
SECURE_CONTENT_TYPE_NOSNIFF=True, SECURE_CONTENT_TYPE_NOSNIFF=True,
) )
def test_with_content_type_nosniff(self): def test_with_content_type_nosniff(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_content_type_nosniff(None), [])
class CheckSSLRedirectTest(SimpleTestCase): class CheckSSLRedirectTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_ssl_redirect
return check_ssl_redirect
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
SECURE_SSL_REDIRECT=False, SECURE_SSL_REDIRECT=False,
@ -416,7 +356,7 @@ class CheckSSLRedirectTest(SimpleTestCase):
""" """
Warn if SECURE_SSL_REDIRECT isn't True. Warn if SECURE_SSL_REDIRECT isn't True.
""" """
self.assertEqual(self.func(None), [base.W008]) self.assertEqual(base.check_ssl_redirect(None), [base.W008])
@override_settings(MIDDLEWARE=[], SECURE_SSL_REDIRECT=False) @override_settings(MIDDLEWARE=[], SECURE_SSL_REDIRECT=False)
def test_no_ssl_redirect_no_middleware(self): def test_no_ssl_redirect_no_middleware(self):
@ -424,99 +364,78 @@ class CheckSSLRedirectTest(SimpleTestCase):
Don't warn if SECURE_SSL_REDIRECT is False and SecurityMiddleware isn't Don't warn if SECURE_SSL_REDIRECT is False and SecurityMiddleware isn't
installed. installed.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(base.check_ssl_redirect(None), [])
@override_settings( @override_settings(
MIDDLEWARE=["django.middleware.security.SecurityMiddleware"], MIDDLEWARE=["django.middleware.security.SecurityMiddleware"],
SECURE_SSL_REDIRECT=True, SECURE_SSL_REDIRECT=True,
) )
def test_with_ssl_redirect(self): def test_with_ssl_redirect(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_ssl_redirect(None), [])
class CheckSecretKeyTest(SimpleTestCase): class CheckSecretKeyTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_secret_key
return check_secret_key
@override_settings(SECRET_KEY=('abcdefghijklmnopqrstuvwx' * 2) + 'ab') @override_settings(SECRET_KEY=('abcdefghijklmnopqrstuvwx' * 2) + 'ab')
def test_okay_secret_key(self): def test_okay_secret_key(self):
self.assertEqual(len(settings.SECRET_KEY), base.SECRET_KEY_MIN_LENGTH) self.assertEqual(len(settings.SECRET_KEY), base.SECRET_KEY_MIN_LENGTH)
self.assertGreater(len(set(settings.SECRET_KEY)), base.SECRET_KEY_MIN_UNIQUE_CHARACTERS) self.assertGreater(len(set(settings.SECRET_KEY)), base.SECRET_KEY_MIN_UNIQUE_CHARACTERS)
self.assertEqual(self.func(None), []) self.assertEqual(base.check_secret_key(None), [])
@override_settings(SECRET_KEY='') @override_settings(SECRET_KEY='')
def test_empty_secret_key(self): def test_empty_secret_key(self):
self.assertEqual(self.func(None), [base.W009]) self.assertEqual(base.check_secret_key(None), [base.W009])
@override_settings(SECRET_KEY=None) @override_settings(SECRET_KEY=None)
def test_missing_secret_key(self): def test_missing_secret_key(self):
del settings.SECRET_KEY del settings.SECRET_KEY
self.assertEqual(self.func(None), [base.W009]) self.assertEqual(base.check_secret_key(None), [base.W009])
@override_settings(SECRET_KEY=None) @override_settings(SECRET_KEY=None)
def test_none_secret_key(self): def test_none_secret_key(self):
self.assertEqual(self.func(None), [base.W009]) self.assertEqual(base.check_secret_key(None), [base.W009])
@override_settings(SECRET_KEY=('abcdefghijklmnopqrstuvwx' * 2) + 'a') @override_settings(SECRET_KEY=('abcdefghijklmnopqrstuvwx' * 2) + 'a')
def test_low_length_secret_key(self): def test_low_length_secret_key(self):
self.assertEqual(len(settings.SECRET_KEY), base.SECRET_KEY_MIN_LENGTH - 1) self.assertEqual(len(settings.SECRET_KEY), base.SECRET_KEY_MIN_LENGTH - 1)
self.assertEqual(self.func(None), [base.W009]) self.assertEqual(base.check_secret_key(None), [base.W009])
@override_settings(SECRET_KEY='abcd' * 20) @override_settings(SECRET_KEY='abcd' * 20)
def test_low_entropy_secret_key(self): def test_low_entropy_secret_key(self):
self.assertGreater(len(settings.SECRET_KEY), base.SECRET_KEY_MIN_LENGTH) self.assertGreater(len(settings.SECRET_KEY), base.SECRET_KEY_MIN_LENGTH)
self.assertLess(len(set(settings.SECRET_KEY)), base.SECRET_KEY_MIN_UNIQUE_CHARACTERS) self.assertLess(len(set(settings.SECRET_KEY)), base.SECRET_KEY_MIN_UNIQUE_CHARACTERS)
self.assertEqual(self.func(None), [base.W009]) self.assertEqual(base.check_secret_key(None), [base.W009])
class CheckDebugTest(SimpleTestCase): class CheckDebugTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_debug
return check_debug
@override_settings(DEBUG=True) @override_settings(DEBUG=True)
def test_debug_true(self): def test_debug_true(self):
""" """
Warn if DEBUG is True. Warn if DEBUG is True.
""" """
self.assertEqual(self.func(None), [base.W018]) self.assertEqual(base.check_debug(None), [base.W018])
@override_settings(DEBUG=False) @override_settings(DEBUG=False)
def test_debug_false(self): def test_debug_false(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_debug(None), [])
class CheckAllowedHostsTest(SimpleTestCase): class CheckAllowedHostsTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_allowed_hosts
return check_allowed_hosts
@override_settings(ALLOWED_HOSTS=[]) @override_settings(ALLOWED_HOSTS=[])
def test_allowed_hosts_empty(self): def test_allowed_hosts_empty(self):
self.assertEqual(self.func(None), [base.W020]) self.assertEqual(base.check_allowed_hosts(None), [base.W020])
@override_settings(ALLOWED_HOSTS=['.example.com']) @override_settings(ALLOWED_HOSTS=['.example.com'])
def test_allowed_hosts_set(self): def test_allowed_hosts_set(self):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_allowed_hosts(None), [])
class CheckReferrerPolicyTest(SimpleTestCase): class CheckReferrerPolicyTest(SimpleTestCase):
@property
def func(self):
from django.core.checks.security.base import check_referrer_policy
return check_referrer_policy
@override_settings( @override_settings(
MIDDLEWARE=['django.middleware.security.SecurityMiddleware'], MIDDLEWARE=['django.middleware.security.SecurityMiddleware'],
SECURE_REFERRER_POLICY=None, SECURE_REFERRER_POLICY=None,
) )
def test_no_referrer_policy(self): def test_no_referrer_policy(self):
self.assertEqual(self.func(None), [base.W022]) self.assertEqual(base.check_referrer_policy(None), [base.W022])
@override_settings(MIDDLEWARE=[], SECURE_REFERRER_POLICY=None) @override_settings(MIDDLEWARE=[], SECURE_REFERRER_POLICY=None)
def test_no_referrer_policy_no_middleware(self): def test_no_referrer_policy_no_middleware(self):
@ -524,7 +443,7 @@ class CheckReferrerPolicyTest(SimpleTestCase):
Don't warn if SECURE_REFERRER_POLICY is None and SecurityMiddleware Don't warn if SECURE_REFERRER_POLICY is None and SecurityMiddleware
isn't in MIDDLEWARE. isn't in MIDDLEWARE.
""" """
self.assertEqual(self.func(None), []) self.assertEqual(base.check_referrer_policy(None), [])
@override_settings(MIDDLEWARE=['django.middleware.security.SecurityMiddleware']) @override_settings(MIDDLEWARE=['django.middleware.security.SecurityMiddleware'])
def test_with_referrer_policy(self): def test_with_referrer_policy(self):
@ -537,11 +456,11 @@ class CheckReferrerPolicyTest(SimpleTestCase):
) )
for value in tests: for value in tests:
with self.subTest(value=value), override_settings(SECURE_REFERRER_POLICY=value): with self.subTest(value=value), override_settings(SECURE_REFERRER_POLICY=value):
self.assertEqual(self.func(None), []) self.assertEqual(base.check_referrer_policy(None), [])
@override_settings( @override_settings(
MIDDLEWARE=['django.middleware.security.SecurityMiddleware'], MIDDLEWARE=['django.middleware.security.SecurityMiddleware'],
SECURE_REFERRER_POLICY='invalid-value', SECURE_REFERRER_POLICY='invalid-value',
) )
def test_with_invalid_referrer_policy(self): def test_with_invalid_referrer_policy(self):
self.assertEqual(self.func(None), [base.E023]) self.assertEqual(base.check_referrer_policy(None), [base.E023])

29
tests/check_framework/test_templates.py
View File

@ -1,6 +1,9 @@
from copy import copy, deepcopy from copy import copy, deepcopy
from django.core.checks.templates import E001, E002 from django.core.checks.templates import (
E001, E002, check_setting_app_dirs_loaders,
check_string_if_invalid_is_string,
)
from django.test import SimpleTestCase from django.test import SimpleTestCase
from django.test.utils import override_settings from django.test.utils import override_settings
@ -16,29 +19,24 @@ class CheckTemplateSettingsAppDirsTest(SimpleTestCase):
}, },
] ]
@property
def func(self):
from django.core.checks.templates import check_setting_app_dirs_loaders
return check_setting_app_dirs_loaders
@override_settings(TEMPLATES=TEMPLATES_APP_DIRS_AND_LOADERS) @override_settings(TEMPLATES=TEMPLATES_APP_DIRS_AND_LOADERS)
def test_app_dirs_and_loaders(self): def test_app_dirs_and_loaders(self):
""" """
Error if template loaders are specified and APP_DIRS is True. Error if template loaders are specified and APP_DIRS is True.
""" """
self.assertEqual(self.func(None), [E001]) self.assertEqual(check_setting_app_dirs_loaders(None), [E001])
def test_app_dirs_removed(self): def test_app_dirs_removed(self):
TEMPLATES = deepcopy(self.TEMPLATES_APP_DIRS_AND_LOADERS) TEMPLATES = deepcopy(self.TEMPLATES_APP_DIRS_AND_LOADERS)
del TEMPLATES[0]['APP_DIRS'] del TEMPLATES[0]['APP_DIRS']
with self.settings(TEMPLATES=TEMPLATES): with self.settings(TEMPLATES=TEMPLATES):
self.assertEqual(self.func(None), []) self.assertEqual(check_setting_app_dirs_loaders(None), [])
def test_loaders_removed(self): def test_loaders_removed(self):
TEMPLATES = deepcopy(self.TEMPLATES_APP_DIRS_AND_LOADERS) TEMPLATES = deepcopy(self.TEMPLATES_APP_DIRS_AND_LOADERS)
del TEMPLATES[0]['OPTIONS']['loaders'] del TEMPLATES[0]['OPTIONS']['loaders']
with self.settings(TEMPLATES=TEMPLATES): with self.settings(TEMPLATES=TEMPLATES):
self.assertEqual(self.func(None), []) self.assertEqual(check_setting_app_dirs_loaders(None), [])
class CheckTemplateStringIfInvalidTest(SimpleTestCase): class CheckTemplateStringIfInvalidTest(SimpleTestCase):
@ -67,30 +65,25 @@ class CheckTemplateStringIfInvalidTest(SimpleTestCase):
cls.error1.msg = cls.error1.msg.format(string_if_invalid1, type(string_if_invalid1).__name__) cls.error1.msg = cls.error1.msg.format(string_if_invalid1, type(string_if_invalid1).__name__)
cls.error2.msg = cls.error2.msg.format(string_if_invalid2, type(string_if_invalid2).__name__) cls.error2.msg = cls.error2.msg.format(string_if_invalid2, type(string_if_invalid2).__name__)
@property
def func(self):
from django.core.checks.templates import check_string_if_invalid_is_string
return check_string_if_invalid_is_string
@override_settings(TEMPLATES=TEMPLATES_STRING_IF_INVALID) @override_settings(TEMPLATES=TEMPLATES_STRING_IF_INVALID)
def test_string_if_invalid_not_string(self): def test_string_if_invalid_not_string(self):
self.assertEqual(self.func(None), [self.error1, self.error2]) self.assertEqual(check_string_if_invalid_is_string(None), [self.error1, self.error2])
def test_string_if_invalid_first_is_string(self): def test_string_if_invalid_first_is_string(self):
TEMPLATES = deepcopy(self.TEMPLATES_STRING_IF_INVALID) TEMPLATES = deepcopy(self.TEMPLATES_STRING_IF_INVALID)
TEMPLATES[0]['OPTIONS']['string_if_invalid'] = 'test' TEMPLATES[0]['OPTIONS']['string_if_invalid'] = 'test'
with self.settings(TEMPLATES=TEMPLATES): with self.settings(TEMPLATES=TEMPLATES):
self.assertEqual(self.func(None), [self.error2]) self.assertEqual(check_string_if_invalid_is_string(None), [self.error2])
def test_string_if_invalid_both_are_strings(self): def test_string_if_invalid_both_are_strings(self):
TEMPLATES = deepcopy(self.TEMPLATES_STRING_IF_INVALID) TEMPLATES = deepcopy(self.TEMPLATES_STRING_IF_INVALID)
TEMPLATES[0]['OPTIONS']['string_if_invalid'] = 'test' TEMPLATES[0]['OPTIONS']['string_if_invalid'] = 'test'
TEMPLATES[1]['OPTIONS']['string_if_invalid'] = 'test' TEMPLATES[1]['OPTIONS']['string_if_invalid'] = 'test'
with self.settings(TEMPLATES=TEMPLATES): with self.settings(TEMPLATES=TEMPLATES):
self.assertEqual(self.func(None), []) self.assertEqual(check_string_if_invalid_is_string(None), [])
def test_string_if_invalid_not_specified(self): def test_string_if_invalid_not_specified(self):
TEMPLATES = deepcopy(self.TEMPLATES_STRING_IF_INVALID) TEMPLATES = deepcopy(self.TEMPLATES_STRING_IF_INVALID)
del TEMPLATES[1]['OPTIONS']['string_if_invalid'] del TEMPLATES[1]['OPTIONS']['string_if_invalid']
with self.settings(TEMPLATES=TEMPLATES): with self.settings(TEMPLATES=TEMPLATES):
self.assertEqual(self.func(None), [self.error1]) self.assertEqual(check_string_if_invalid_is_string(None), [self.error1])