Merge pull request #117 from corydolphin/patch/supports_credentials_f…

…alse_test Add supports_credentials=False unittest
corydolphin · Mar 24, 2015 · 3ecc410 · 3ecc410
2 parents 87728e8 + e5f3a2a
commit 3ecc410
Showing 1 changed file with 34 additions and 19 deletions.
diff --git a/tests/decorator/test_credentials.py b/tests/decorator/test_credentials.py
@@ -20,55 +20,70 @@ class SupportsCredentialsCase(FlaskCorsTestCase):
     def setUp(self):
         self.app = Flask(__name__)
 
-        @self.app.route('/test_credentials')
+        @self.app.route('/test_credentials_supported')
         @cross_origin(supports_credentials=True)
-        def test_credentials():
+        def test_credentials_supported():
             return 'Credentials!'
 
-        @self.app.route('/test_open')
+        @self.app.route('/test_credentials_unsupported')
+        @cross_origin(supports_credentials=False)
+        def test_credentials_unsupported():
+            return 'Credentials!'
+
+        @self.app.route('/test_default')
         @cross_origin()
-        def test_open():
+        def test_default():
             return 'Open!'
 
-    def test_credentialed_request(self):
+    def test_credentials_supported(self):
         ''' The specified route should return the
             Access-Control-Allow-Credentials header.
         '''
-        resp = self.get('/test_credentials', origin='www.example.com')
+        resp = self.get('/test_credentials_supported', origin='www.example.com')
         self.assertEquals(resp.headers.get(ACL_CREDENTIALS), 'true')
 
-        resp = self.get('/test_credentials')
+        resp = self.get('/test_credentials_supported')
         self.assertEquals(resp.headers.get(ACL_CREDENTIALS), None )
 
-    def test_open_request(self):
+    def test_default(self):
+        ''' The default behavior should be to disallow credentials.
+        '''
+        resp = self.get('/test_default', origin='www.example.com')
+        self.assertFalse(ACL_CREDENTIALS in resp.headers)
+
+        resp = self.get('/test_default')
+        self.assertFalse(ACL_CREDENTIALS in resp.headers)
+
+    def test_credentials_unsupported(self):
         ''' The default behavior should be to disallow credentials.
         '''
-        resp = self.get('/test_open', origin='www.example.com')
-        self.assertTrue(ACL_CREDENTIALS not in resp.headers)
+        resp = self.get('/test_credentials_unsupported', origin='www.example.com')
+        self.assertFalse(ACL_CREDENTIALS in resp.headers)
+
+        resp = self.get('/test_credentials_unsupported')
+        self.assertFalse(ACL_CREDENTIALS in resp.headers)
 
-        resp = self.get('/test_open')
-        self.assertTrue(ACL_CREDENTIALS not in resp.headers)
 
 class AppConfigExposeHeadersTestCase(AppConfigTest, SupportsCredentialsCase):
     def __init__(self, *args, **kwargs):
         super(AppConfigExposeHeadersTestCase, self).__init__(*args, **kwargs)
 
-    def test_credentialed_request(self):
+    def test_credentials_supported(self):
         self.app.config['CORS_SUPPORTS_CREDENTIALS'] = True
 
-        @self.app.route('/test_credentials')
+        @self.app.route('/test_credentials_supported')
         @cross_origin()
-        def test_credentials():
+        def test_credentials_supported():
             return 'Credentials!'
 
-        super(AppConfigExposeHeadersTestCase, self).test_credentialed_request()
+        super(AppConfigExposeHeadersTestCase, self).test_credentials_supported()
 
     def test_open_request(self):
-        @self.app.route('/test_open')
+        @self.app.route('/test_default')
         @cross_origin()
-        def test_open():
+        def test_default():
             return 'Open!'
-        super(AppConfigExposeHeadersTestCase, self).test_open_request()
+        super(AppConfigExposeHeadersTestCase, self).test_default()
 
 if __name__ == "__main__":
     unittest.main()