search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
App Engine Python SDK version 1.7.4 (2)
[gae.git] / python / lib / django_1_4 / django / contrib / flatpages / tests / csrf.py
blob969ae8d7e9c033f2e8e80f3a1039963218415b0c
1 import os
2 from django.conf import settings
3 from django.contrib.auth.models import User
4 from django.test import TestCase, Client
5
6 class FlatpageCSRFTests(TestCase):
7 fixtures = ['sample_flatpages']
8 urls = 'django.contrib.flatpages.tests.urls'
9
10 def setUp(self):
11 self.client = Client(enforce_csrf_checks=True)
12 self.old_MIDDLEWARE_CLASSES = settings.MIDDLEWARE_CLASSES
13 flatpage_middleware_class = 'django.contrib.flatpages.middleware.FlatpageFallbackMiddleware'
14 csrf_middleware_class = 'django.middleware.csrf.CsrfViewMiddleware'
15 if csrf_middleware_class not in settings.MIDDLEWARE_CLASSES:
16 settings.MIDDLEWARE_CLASSES += (csrf_middleware_class,)
17 if flatpage_middleware_class not in settings.MIDDLEWARE_CLASSES:
18 settings.MIDDLEWARE_CLASSES += (flatpage_middleware_class,)
19 self.old_TEMPLATE_DIRS = settings.TEMPLATE_DIRS
20 settings.TEMPLATE_DIRS = (
21 os.path.join(
22 os.path.dirname(__file__),
23 'templates'
24 ),
25 )
26 self.old_LOGIN_URL = settings.LOGIN_URL
27 settings.LOGIN_URL = '/accounts/login/'
28
29 def tearDown(self):
30 settings.MIDDLEWARE_CLASSES = self.old_MIDDLEWARE_CLASSES
31 settings.TEMPLATE_DIRS = self.old_TEMPLATE_DIRS
32 settings.LOGIN_URL = self.old_LOGIN_URL
33
34 def test_view_flatpage(self):
35 "A flatpage can be served through a view, even when the middleware is in use"
36 response = self.client.get('/flatpage_root/flatpage/')
37 self.assertEqual(response.status_code, 200)
38 self.assertContains(response, "<p>Isn't it flat!</p>")
39
40 def test_view_non_existent_flatpage(self):
41 "A non-existent flatpage raises 404 when served through a view, even when the middleware is in use"
42 response = self.client.get('/flatpage_root/no_such_flatpage/')
43 self.assertEqual(response.status_code, 404)
44
45 def test_view_authenticated_flatpage(self):
46 "A flatpage served through a view can require authentication"
47 response = self.client.get('/flatpage_root/sekrit/')
48 self.assertRedirects(response, '/accounts/login/?next=/flatpage_root/sekrit/')
49 User.objects.create_user('testuser', 'test@example.com', 's3krit')
50 self.client.login(username='testuser',password='s3krit')
51 response = self.client.get('/flatpage_root/sekrit/')
52 self.assertEqual(response.status_code, 200)
53 self.assertContains(response, "<p>Isn't it sekrit!</p>")
54
55 def test_fallback_flatpage(self):
56 "A flatpage can be served by the fallback middlware"
57 response = self.client.get('/flatpage/')
58 self.assertEqual(response.status_code, 200)
59 self.assertContains(response, "<p>Isn't it flat!</p>")
60
61 def test_fallback_non_existent_flatpage(self):
62 "A non-existent flatpage raises a 404 when served by the fallback middlware"
63 response = self.client.get('/no_such_flatpage/')
64 self.assertEqual(response.status_code, 404)
65
66 def test_post_view_flatpage(self):
67 "POSTing to a flatpage served through a view will raise a CSRF error if no token is provided (Refs #14156)"
68 response = self.client.post('/flatpage_root/flatpage/')
69 self.assertEqual(response.status_code, 403)
70
71 def test_post_fallback_flatpage(self):
72 "POSTing to a flatpage served by the middleware will raise a CSRF error if no token is provided (Refs #14156)"
73 response = self.client.post('/flatpage/')
74 self.assertEqual(response.status_code, 403)
75
76 def test_post_unknown_page(self):
77 "POSTing to an unknown page isn't caught as a 403 CSRF error"
78 response = self.client.post('/no_such_page/')
79 self.assertEqual(response.status_code, 404)
google appengine git mirror