Issue with test_views.py Author Create View challenge code for Django 2.1 or later #26
Description
I came across an issue when running tests of the tutorial -Part 10, and to a small extent Part 8 where user permissions are first discussed. I believe this issue arises due to a change in Django 2.1 as indicated on the official documentation page, under the section “Redirecting unauthorized requests in class-based views”, which can be found here.
Current functionality (Django 2.1+):
Authenticated users are denied access with an HTTP 403 Forbidden response.
Old functionality:
In older versions, authenticated users who lacked permissions were redirected to the login page (which resulted in a loop) instead of receiving an HTTP 403 Forbidden response.
Recommend a change to these lines of testing code as follows (in test_views.py):
def test_redirect_if_logged_in_but_not_correct_permission(self):
login = self.client.login(username='testuser1', password='12345')
resp = self.client.get(reverse('author_create') )
self.assertRedirects(resp, '/accounts/login/?next=/catalog/author/create/' )I’ve used the following, which simply checks that a 403-Forbidden response is returned as stipulated by Django documentation:
def test_redirect_if_logged_in_but_not_correct_permission(self):
...
self.assertEqual(resp.status_code, 403)There might be better ways, but I hope this will help out.