django/tests/auth_tests/test_handlers.py

from django.contrib.auth.handlers.modwsgi import (
    check_password, groups_for_user,
)
from django.contrib.auth.models import Group, User
from django.test import TransactionTestCase, override_settings

from .models import CustomUser


# This must be a TransactionTestCase because the WSGI auth handler performs
# its own transaction management.
class ModWsgiHandlerTestCase(TransactionTestCase):
    """
    Tests for the mod_wsgi authentication handler
    """

    available_apps = [
        'django.contrib.auth',
        'django.contrib.contenttypes',
        'auth_tests',
    ]

    def test_check_password(self):
        """
        check_password() returns the correct values as per
        https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
        """
        User.objects.create_user('test', 'test@example.com', 'test')

        # User not in database
        self.assertIsNone(check_password({}, 'unknown', ''))

        # Valid user with correct password
        self.assertTrue(check_password({}, 'test', 'test'))

        # correct password, but user is inactive
        User.objects.filter(username='test').update(is_active=False)
        self.assertFalse(check_password({}, 'test', 'test'))

        # Valid user with incorrect password
        self.assertFalse(check_password({}, 'test', 'incorrect'))

    @override_settings(AUTH_USER_MODEL='auth_tests.CustomUser')
    def test_check_password_custom_user(self):
        """
        check_password() returns the correct values as per
        https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
        with a custom user installed.
        """
        CustomUser._default_manager.create_user('test@example.com', '1990-01-01', 'test')

        # User not in database
        self.assertIsNone(check_password({}, 'unknown', ''))

        # Valid user with correct password'
        self.assertTrue(check_password({}, 'test@example.com', 'test'))

        # Valid user with incorrect password
        self.assertFalse(check_password({}, 'test@example.com', 'incorrect'))

    def test_groups_for_user(self):
        """
        groups_for_user() returns correct values as per
        https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-group-authorisation
        """
        user1 = User.objects.create_user('test', 'test@example.com', 'test')
        User.objects.create_user('test1', 'test1@example.com', 'test1')
        group = Group.objects.create(name='test_group')
        user1.groups.add(group)

        # User not in database
        self.assertEqual(groups_for_user({}, 'unknown'), [])

        self.assertEqual(groups_for_user({}, 'test'), [b'test_group'])
        self.assertEqual(groups_for_user({}, 'test1'), [])
Sorted imports with isort; refs #23860. 2015-01-28 20:35:27 +08:00			`from django.contrib.auth.handlers.modwsgi import (`
			`check_password, groups_for_user,`
			`)`
			`from django.contrib.auth.models import Group, User`
			`from django.test import TransactionTestCase, override_settings`
fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00
Fixed #26089 -- Removed custom user test models from public API. Thanks to Tim Graham for the review. 2016-02-05 00:47:51 +08:00			`from .models import CustomUser`

fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00
Defined available_apps in relevant tests. Fixed #20483. 2013-06-04 14:09:29 +08:00			`# This must be a TransactionTestCase because the WSGI auth handler performs`
			`# its own transaction management.`
Used TransactionTestCase in ModWsgiHandlerTestCase Now the data created in setUp() is not discarded when the connection is closed in the handler's methods. 2012-09-29 18:10:52 +08:00			`class ModWsgiHandlerTestCase(TransactionTestCase):`
fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00			`"""`
			`Tests for the mod_wsgi authentication handler`
			`"""`
Defined available_apps in relevant tests. Fixed #20483. 2013-06-04 14:09:29 +08:00
			`available_apps = [`
			`'django.contrib.auth',`
			`'django.contrib.contenttypes',`
Fixed #26089 -- Removed custom user test models from public API. Thanks to Tim Graham for the review. 2016-02-05 00:47:51 +08:00			`'auth_tests',`
Defined available_apps in relevant tests. Fixed #20483. 2013-06-04 14:09:29 +08:00			`]`

fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00			`def test_check_password(self):`
			`"""`
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-10-27 15:53:39 +08:00			`check_password() returns the correct values as per`
Fixed #26554 -- Updated docs URLs to readthedocs.io 2016-04-28 22:09:57 +08:00			`https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider`
fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00			`"""`
Fixed #19057 (again) -- added additional tests 2012-10-03 00:16:37 +08:00			`User.objects.create_user('test', 'test@example.com', 'test')`
fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00
			`# User not in database`
Fixed #23620 -- Used more specific assertions in the Django test suite. 2014-10-28 18:02:56 +08:00			`self.assertIsNone(check_password({}, 'unknown', ''))`
fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00
			`# Valid user with correct password`
			`self.assertTrue(check_password({}, 'test', 'test'))`

Fixed #19057 (again) -- added additional tests 2012-10-03 00:16:37 +08:00			`# correct password, but user is inactive`
			`User.objects.filter(username='test').update(is_active=False)`
			`self.assertFalse(check_password({}, 'test', 'test'))`

fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00			`# Valid user with incorrect password`
			`self.assertFalse(check_password({}, 'test', 'incorrect'))`

Fixed #26089 -- Removed custom user test models from public API. Thanks to Tim Graham for the review. 2016-02-05 00:47:51 +08:00			`@override_settings(AUTH_USER_MODEL='auth_tests.CustomUser')`
Fixed #19057 (again) -- added additional tests 2012-10-03 00:16:37 +08:00			`def test_check_password_custom_user(self):`
			`"""`
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-10-27 15:53:39 +08:00			`check_password() returns the correct values as per`
Fixed #26554 -- Updated docs URLs to readthedocs.io 2016-04-28 22:09:57 +08:00			`https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider`
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-10-27 15:53:39 +08:00			`with a custom user installed.`
Fixed #19057 (again) -- added additional tests 2012-10-03 00:16:37 +08:00			`"""`
Fixed #19596 -- Use `_default_manager` instead of `objects` in the auth app. This is needed to support custom user models which don't define a manager named `objects`. 2013-01-22 19:47:34 +08:00			`CustomUser._default_manager.create_user('test@example.com', '1990-01-01', 'test')`
Fixed #19057 (again) -- added additional tests 2012-10-03 00:16:37 +08:00
			`# User not in database`
Fixed #23620 -- Used more specific assertions in the Django test suite. 2014-10-28 18:02:56 +08:00			`self.assertIsNone(check_password({}, 'unknown', ''))`
Fixed #19057 (again) -- added additional tests 2012-10-03 00:16:37 +08:00
			`# Valid user with correct password'`
			`self.assertTrue(check_password({}, 'test@example.com', 'test'))`

			`# Valid user with incorrect password`
			`self.assertFalse(check_password({}, 'test@example.com', 'incorrect'))`

fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00			`def test_groups_for_user(self):`
			`"""`
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-10-27 15:53:39 +08:00			`groups_for_user() returns correct values as per`
Fixed #26554 -- Updated docs URLs to readthedocs.io 2016-04-28 22:09:57 +08:00			`https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-group-authorisation`
fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00			`"""`
Fixed #19057 (again) -- added additional tests 2012-10-03 00:16:37 +08:00			`user1 = User.objects.create_user('test', 'test@example.com', 'test')`
			`User.objects.create_user('test1', 'test1@example.com', 'test1')`
			`group = Group.objects.create(name='test_group')`
			`user1.groups.add(group)`
fixed #10809 -- add a mod_wsgi authentication handler Thanks to baumer1122 for the suggestion and initial patch and David Fischer for the contributions and long term patch maintenance and docs. 2012-09-24 13:48:13 +08:00
			`# User not in database`
			`self.assertEqual(groups_for_user({}, 'unknown'), [])`

			`self.assertEqual(groups_for_user({}, 'test'), [b'test_group'])`
			`self.assertEqual(groups_for_user({}, 'test1'), [])`