Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed #19057 (again) -- added additional tests

  • Loading branch information...
commit 2b5f848207b1dab35afd6f63d0107629c76d4d9a 1 parent 81f5d4a
@ptone ptone authored
View
7 django/contrib/auth/handlers/modwsgi.py
@@ -21,17 +21,12 @@ def check_password(environ, username, password):
user = UserModel.objects.get_by_natural_key(username)
except UserModel.DoesNotExist:
return None
- try:
- if not user.is_active:
- return None
- except AttributeError as e:
- # a custom user may not support is_active
+ if not user.is_active:
return None
return user.check_password(password)
finally:
db.close_connection()
-
def groups_for_user(environ, username):
"""
Authorizes a user based on groups
View
42 django/contrib/auth/tests/handlers.py
@@ -2,31 +2,23 @@
from django.contrib.auth.handlers.modwsgi import check_password, groups_for_user
from django.contrib.auth.models import User, Group
+from django.contrib.auth.tests import CustomUser
from django.contrib.auth.tests.utils import skipIfCustomUser
from django.test import TransactionTestCase
+from django.test.utils import override_settings
class ModWsgiHandlerTestCase(TransactionTestCase):
"""
Tests for the mod_wsgi authentication handler
"""
-
- def setUp(self):
- user1 = User.objects.create_user('test', 'test@example.com', 'test')
- User.objects.create_user('test1', 'test1@example.com', 'test1')
- group = Group.objects.create(name='test_group')
- user1.groups.add(group)
-
@skipIfCustomUser
def test_check_password(self):
"""
Verify that check_password returns the correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
-
- because the custom user available in the test framework does not
- support the is_active attribute, we can't test this with a custom
- user.
"""
+ User.objects.create_user('test', 'test@example.com', 'test')
# User not in database
self.assertTrue(check_password({}, 'unknown', '') is None)
@@ -34,15 +26,43 @@ def test_check_password(self):
# Valid user with correct password
self.assertTrue(check_password({}, 'test', 'test'))
+ # correct password, but user is inactive
+ User.objects.filter(username='test').update(is_active=False)
+ self.assertFalse(check_password({}, 'test', 'test'))
+
# Valid user with incorrect password
self.assertFalse(check_password({}, 'test', 'incorrect'))
+ @override_settings(AUTH_USER_MODEL='auth.CustomUser')
+ def test_check_password_custom_user(self):
+ """
+ Verify that check_password returns the correct values as per
+ http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
+
+ with custom user installed
+ """
+
+ CustomUser.objects.create_user('test@example.com', '1990-01-01', 'test')
+
+ # User not in database
+ self.assertTrue(check_password({}, 'unknown', '') is None)
+
+ # Valid user with correct password'
+ self.assertTrue(check_password({}, 'test@example.com', 'test'))
+
+ # Valid user with incorrect password
+ self.assertFalse(check_password({}, 'test@example.com', 'incorrect'))
+
@skipIfCustomUser
def test_groups_for_user(self):
"""
Check that groups_for_user returns correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Group_Authorisation
"""
+ user1 = User.objects.create_user('test', 'test@example.com', 'test')
+ User.objects.create_user('test1', 'test1@example.com', 'test1')
+ group = Group.objects.create(name='test_group')
+ user1.groups.add(group)
# User not in database
self.assertEqual(groups_for_user({}, 'unknown'), [])
Please sign in to comment.
Something went wrong with that request. Please try again.