Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Tests for password change process. Thanks, Mike Richardson. Fixed #8402.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@8497 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit abb1c508cc95d5cf55e8ab63d6bafe17ac095f95 1 parent cc95b44
Malcolm Tredinnick authored August 23, 2008
1  AUTHORS
@@ -330,6 +330,7 @@ answer newbie questions, and generally made Django that much better:
330 330
     David Reynolds <david@reynoldsfamily.org.uk>
331 331
     rhettg@gmail.com
332 332
     ricardojbarrios@gmail.com
  333
+    Mike Richardson
333 334
     Matt Riggott
334 335
     Henrique Romano <onaiort@gmail.com>
335 336
     Armin Ronacher
7  django/contrib/auth/tests/__init__.py
... ...
@@ -1,11 +1,14 @@
1 1
 from django.contrib.auth.tests.basic import BASIC_TESTS
2  
-from django.contrib.auth.tests.views import PasswordResetTest
  2
+from django.contrib.auth.tests.views import PasswordResetTest, ChangePasswordTest
3 3
 from django.contrib.auth.tests.forms import FORM_TESTS
4 4
 from django.contrib.auth.tests.tokens import TOKEN_GENERATOR_TESTS
5 5
 
  6
+# The password for the fixture data users is 'password'
  7
+
6 8
 __test__ = {
7 9
     'BASIC_TESTS': BASIC_TESTS,
8 10
     'PASSWORDRESET_TESTS': PasswordResetTest,
9 11
     'FORM_TESTS': FORM_TESTS,
10  
-    'TOKEN_GENERATOR_TESTS': TOKEN_GENERATOR_TESTS
  12
+    'TOKEN_GENERATOR_TESTS': TOKEN_GENERATOR_TESTS,
  13
+    'CHANGEPASSWORD_TESTS': ChangePasswordTest,
11 14
 }
1  django/contrib/auth/tests/templates/registration/login.html
... ...
@@ -0,0 +1 @@
  1
+{{ form.as_ul }}
92  django/contrib/auth/tests/views.py
... ...
@@ -1,5 +1,8 @@
1 1
 
  2
+import os
2 3
 import re
  4
+
  5
+from django.conf import settings
3 6
 from django.contrib.auth.models import User
4 7
 from django.test import TestCase
5 8
 from django.core import mail
@@ -7,7 +10,7 @@
7 10
 class PasswordResetTest(TestCase):
8 11
     fixtures = ['authtestdata.json']
9 12
     urls = 'django.contrib.auth.urls'
10  
-    
  13
+
11 14
     def test_email_not_found(self):
12 15
         "Error is raised if the provided email address isn't currently registered"
13 16
         response = self.client.get('/password_reset/')
@@ -15,7 +18,7 @@ def test_email_not_found(self):
15 18
         response = self.client.post('/password_reset/', {'email': 'not_a_real_email@email.com'})
16 19
         self.assertContains(response, "That e-mail address doesn't have an associated user account")
17 20
         self.assertEquals(len(mail.outbox), 0)
18  
-    
  21
+
19 22
     def test_email_found(self):
20 23
         "Email is sent if a valid email address is provided for password reset"
21 24
         response = self.client.post('/password_reset/', {'email': 'staffmember@example.com'})
@@ -39,7 +42,7 @@ def test_confirm_valid(self):
39 42
         url, path = self._test_confirm_start()
40 43
         response = self.client.get(path)
41 44
         # redirect to a 'complete' page:
42  
-        self.assertEquals(response.status_code, 200) 
  45
+        self.assertEquals(response.status_code, 200)
43 46
         self.assert_("Please enter your new password" in response.content)
44 47
 
45 48
     def test_confirm_invalid(self):
@@ -49,7 +52,7 @@ def test_confirm_invalid(self):
49 52
         path = path[:-5] + ("0"*4) + path[-1]
50 53
 
51 54
         response = self.client.get(path)
52  
-        self.assertEquals(response.status_code, 200) 
  55
+        self.assertEquals(response.status_code, 200)
53 56
         self.assert_("The password reset link was invalid" in response.content)
54 57
 
55 58
     def test_confirm_invalid_post(self):
@@ -60,7 +63,7 @@ def test_confirm_invalid_post(self):
60 63
 
61 64
         response = self.client.post(path, {'new_password1': 'anewpassword',
62 65
                                            'new_password2':' anewpassword'})
63  
-        # Check the password has not been changed 
  66
+        # Check the password has not been changed
64 67
         u = User.objects.get(email='staffmember@example.com')
65 68
         self.assert_(not u.check_password("anewpassword"))
66 69
 
@@ -69,14 +72,14 @@ def test_confirm_complete(self):
69 72
         response = self.client.post(path, {'new_password1': 'anewpassword',
70 73
                                            'new_password2': 'anewpassword'})
71 74
         # It redirects us to a 'complete' page:
72  
-        self.assertEquals(response.status_code, 302) 
73  
-        # Check the password has been changed 
  75
+        self.assertEquals(response.status_code, 302)
  76
+        # Check the password has been changed
74 77
         u = User.objects.get(email='staffmember@example.com')
75 78
         self.assert_(u.check_password("anewpassword"))
76 79
 
77 80
         # Check we can't use the link again
78 81
         response = self.client.get(path)
79  
-        self.assertEquals(response.status_code, 200) 
  82
+        self.assertEquals(response.status_code, 200)
80 83
         self.assert_("The password reset link was invalid" in response.content)
81 84
 
82 85
     def test_confirm_different_passwords(self):
@@ -86,3 +89,76 @@ def test_confirm_different_passwords(self):
86 89
         self.assertEquals(response.status_code, 200)
87 90
         self.assert_("The two password fields didn't match" in response.content)
88 91
 
  92
+
  93
+class ChangePasswordTest(TestCase):
  94
+    fixtures = ['authtestdata.json']
  95
+    urls = 'django.contrib.auth.urls'
  96
+
  97
+    def setUp(self):
  98
+        self.old_TEMPLATE_DIRS = settings.TEMPLATE_DIRS
  99
+        settings.TEMPLATE_DIRS = (
  100
+            os.path.join(
  101
+                os.path.dirname(__file__),
  102
+                'templates'
  103
+            )
  104
+        ,)
  105
+
  106
+    def tearDown(self):
  107
+        settings.TEMPLATE_DIRS = self.old_TEMPLATE_DIRS
  108
+
  109
+    def login(self, password='password'):
  110
+        response = self.client.post('/login/', {
  111
+            'username': 'testclient',
  112
+            'password': password
  113
+            }
  114
+        )
  115
+        self.assertEquals(response.status_code, 302)
  116
+        self.assert_(response['Location'].endswith('/accounts/profile/'))
  117
+
  118
+    def fail_login(self, password='password'):
  119
+        response = self.client.post('/login/', {
  120
+            'username': 'testclient',
  121
+            'password': password
  122
+            }
  123
+        )
  124
+        self.assertEquals(response.status_code, 200)
  125
+        self.assert_("Please enter a correct username and password. Note that both fields are case-sensitive." in response.content)
  126
+
  127
+    def logout(self):
  128
+        response = self.client.get('/logout/')
  129
+
  130
+    def test_password_change_fails_with_invalid_old_password(self):
  131
+        self.login()
  132
+        response = self.client.post('/password_change/', {
  133
+            'old_password': 'donuts',
  134
+            'new_password1': 'password1',
  135
+            'new_password2': 'password1',
  136
+            }
  137
+        )
  138
+        self.assertEquals(response.status_code, 200)
  139
+        self.assert_("Your old password was entered incorrectly. Please enter it again." in response.content)
  140
+
  141
+    def test_password_change_fails_with_mismatched_passwords(self):
  142
+        self.login()
  143
+        response = self.client.post('/password_change/', {
  144
+            'old_password': 'password',
  145
+            'new_password1': 'password1',
  146
+            'new_password2': 'donuts',
  147
+            }
  148
+        )
  149
+        self.assertEquals(response.status_code, 200)
  150
+        self.assert_("The two password fields didn't match." in response.content)
  151
+
  152
+    def test_password_change_succeeds(self):
  153
+        self.login()
  154
+        response = self.client.post('/password_change/', {
  155
+            'old_password': 'password',
  156
+            'new_password1': 'password1',
  157
+            'new_password2': 'password1',
  158
+            }
  159
+        )
  160
+        self.assertEquals(response.status_code, 302)
  161
+        self.assert_(response['Location'].endswith('/password_change/done/'))
  162
+        self.fail_login()
  163
+        self.login(password='password1')
  164
+
1  django/contrib/auth/urls.py
@@ -5,6 +5,7 @@
5 5
 from django.conf.urls.defaults import *
6 6
 
7 7
 urlpatterns = patterns('',
  8
+    (r'^login/$', 'django.contrib.auth.views.login'),
8 9
     (r'^logout/$', 'django.contrib.auth.views.logout'),
9 10
     (r'^password_change/$', 'django.contrib.auth.views.password_change'),
10 11
     (r'^password_change/done/$', 'django.contrib.auth.views.password_change_done'),

0 notes on commit abb1c50

Please sign in to comment.
Something went wrong with that request. Please try again.