Permalink
Browse files

Fix @ssl_required to look at SESSION_COOKIE_SECURE

Instead of triggering on DEBUG=False, it now triggers on
SESSION_COOKIE_SECURE=True.
  • Loading branch information...
1 parent 473b881 commit dc95ade0c4701e4f329bde3c353aa6bbd6a19206 @rlr rlr committed Sep 25, 2013
@@ -7,7 +7,6 @@
from django.contrib.auth.models import User
from django.contrib.sites.models import Site
from django.core import mail
-from django.test.utils import override_settings
import mock
from nose.tools import eq_
@@ -1401,7 +1400,6 @@ def _post_new_question(self, locale=None):
search='A test question')
return self.client.post(url, self.data, follow=True)
- @override_settings(DEBUG=True)
def test_full_workflow(self):
response = self._post_new_question()
eq_(200, response.status_code)
@@ -1434,7 +1432,6 @@ def test_full_workflow(self):
version = question.metadata['ff_version']
eq_('18.0.2', version)
- @override_settings(DEBUG=True)
def test_localized_creation(self):
response = self._post_new_question(locale='pt-BR')
eq_(200, response.status_code)
@@ -1444,7 +1441,6 @@ def test_localized_creation(self):
question = Question.objects.filter(title='A test question')[0]
eq_(question.locale, 'pt-BR')
- @override_settings(DEBUG=True)
def test_full_workflow_inactive(self):
u = self.user
u.is_active = False
@@ -1463,7 +1459,6 @@ def test_full_workflow_inactive(self):
# And no confirmation email was sent (already sent on registration)
eq_(0, len(mail.outbox))
- @override_settings(DEBUG=True)
def test_invalid_type(self):
"""Providing an invalid type returns 400."""
p = product(slug='firefox', save=True)
@@ -1482,7 +1477,6 @@ def test_invalid_type(self):
eq_(400, response.status_code)
assert 'Request type not recognized' in response.content
- @override_settings(DEBUG=True)
@mock.patch.object(Site.objects, 'get_current')
def test_register_through_aaq(self, get_current):
"""Registering through AAQ form sends confirmation email."""
@@ -1519,13 +1513,11 @@ def test_register_through_aaq(self, get_current):
# Note: there was already an email sent above
eq_(1, len(mail.outbox))
- @override_settings(DEBUG=True)
def test_invalid_product_404(self):
url = reverse('questions.aaq_step2', args=['lipsum'])
response = self.client.get(url)
eq_(404, response.status_code)
- @override_settings(DEBUG=True)
def test_invalid_category_302(self):
url = reverse('questions.aaq_step3', args=['desktop', 'lipsum'])
response = self.client.get(url)
@@ -160,7 +160,6 @@ def test_search_suggestions_archived_articles(self):
assert 'donut' in doc('.result.document h3 a').text()
assert 'cupcake' not in doc('.result.document h3 a').text()
- @override_settings(DEBUG=True)
def test_ratelimit(self):
"""Make sure posting new questions is ratelimited"""
data = {'title': 'A test question',
@@ -187,7 +186,6 @@ def test_ratelimit(self):
response = self.client.post(url, data, follow=True)
eq_(403, response.status_code)
- @override_settings(DEBUG=True)
def test_first_step(self):
"""Make sure the first step doesn't blow up
@@ -197,7 +195,6 @@ def test_first_step(self):
res = self.client.get(url)
eq_(200, res.status_code)
- @override_settings(DEBUG=True)
def test_redirect_bad_locales(self):
"""Non-AAQ locales should redirect."""
url_fr = reverse('questions.aaq_step1', locale='fr')
@@ -251,7 +248,6 @@ def test_logged_in_get(self, get_current):
self.assertTemplateUsed(response,
'questions/mobile/new_question.html')
- @override_settings(DEBUG=True)
@mock.patch.object(Site.objects, 'get_current')
def test_logged_in_post(self, get_current):
"""New question is posted through mobile."""
@@ -264,7 +260,6 @@ def test_logged_in_post(self, get_current):
eq_(200, response.status_code)
assert Question.objects.filter(title='A test question')
- @override_settings(DEBUG=True)
@mock.patch.object(Site.objects, 'get_current')
def test_aaq_new_question_inactive(self, get_current):
"""New question is posted through mobile."""
@@ -9,9 +9,9 @@
def ssl_required(view_func):
"""A view decorator that enforces HTTPS.
- If settings.DEBUG is True, it doesn't enforce anything."""
+ If settings.SESSION_COOKIE_SECURE is False, it won't enforce anything."""
def _checkssl(request, *args, **kwargs):
- if not settings.DEBUG and not request.is_secure():
+ if settings.SESSION_COOKIE_SECURE and not request.is_secure():
url_str = request.build_absolute_uri()
url_str = url_str.replace('http://', 'https://')
return http.HttpResponseRedirect(url_str)
@@ -1,13 +1,10 @@
-from django.test.utils import override_settings
-
from kitsune.sumo.tests import TestCase
from kitsune.sumo.urlresolvers import reverse
class TwitterMiddlewareTests(TestCase):
"""Tests for the Twitter auth middleware."""
- @override_settings(DEBUG=True)
def test_logout(self):
"""Ensure logout POST request works."""
landing_url = reverse('customercare.landing', locale='en-US')
@@ -29,7 +29,6 @@ def setUp(self):
self.client.logout()
super(RegisterTests, self).setUp()
- @override_settings(DEBUG=True)
@mock.patch.object(Site.objects, 'get_current')
def test_new_user(self, get_current):
get_current.return_value.domain = 'su.mo.com'
@@ -60,7 +59,6 @@ def test_new_user(self, get_current):
eq_('http://testserver/en-US/home?fpa=1',
response.redirect_chain[0][0])
- @override_settings(DEBUG=True)
@mock.patch.object(email_utils, 'send_messages')
@mock.patch.object(Site.objects, 'get_current')
def test_new_user_smtp_error(self, get_current, send_messages):
@@ -75,7 +73,6 @@ def test_new_user_smtp_error(self, get_current, send_messages):
self.assertContains(response, unicode(ERROR_SEND_EMAIL))
assert not User.objects.filter(username='newbie').exists()
- @override_settings(DEBUG=True)
@mock.patch.object(Site.objects, 'get_current')
def test_unicode_password(self, get_current):
u_str = u'a1\xe5\xe5\xee\xe9\xf8\xe7\u6709\u52b9'
@@ -167,7 +164,6 @@ def test_new_user_with_questions(self, get_current):
assert 'test_question' in response.content
assert q.get_absolute_url() in response.content
- @override_settings(DEBUG=True)
def test_duplicate_username(self):
u = user(save=True)
response = self.client.post(reverse('users.register', locale='en-US'),
@@ -177,7 +173,6 @@ def test_duplicate_username(self):
'password2': 'foo'}, follow=True)
self.assertContains(response, 'already exists')
- @override_settings(DEBUG=True)
def test_duplicate_email(self):
u = user(email='noob@example.com', save=True)
User.objects.create(username='noob', email='noob@example.com').save()
@@ -188,7 +183,6 @@ def test_duplicate_email(self):
'password2': 'foo'}, follow=True)
self.assertContains(response, 'already exists')
- @override_settings(DEBUG=True)
def test_no_match_passwords(self):
u = user(save=True)
response = self.client.post(reverse('users.register', locale='en-US'),
@@ -228,7 +222,6 @@ def test_old_activation_url(self, get_current):
user = User.objects.get(pk=user.pk)
assert user.is_active
- @override_settings(DEBUG=True)
@mock.patch.object(Site.objects, 'get_current')
def test_new_contributor(self, get_current):
"""Verify that interested contributors are added to group."""
@@ -412,8 +405,6 @@ def setUp(self):
self.client.logout()
super(SessionTests, self).setUp()
- # Need to set DEBUG = True for @ssl_required to not freak out.
- @override_settings(DEBUG=True)
def test_login_sets_extra_cookie(self):
"""On login, set the SESSION_EXISTS_COOKIE."""
url = reverse('users.login')
@@ -423,7 +414,6 @@ def test_login_sets_extra_cookie(self):
c = res.cookies[settings.SESSION_EXISTS_COOKIE]
assert 'secure' not in c.output().lower()
- @override_settings(DEBUG=True)
def test_logout_deletes_cookie(self):
"""On logout, delete the SESSION_EXISTS_COOKIE."""
url = reverse('users.logout')
@@ -432,8 +422,7 @@ def test_logout_deletes_cookie(self):
c = res.cookies[settings.SESSION_EXISTS_COOKIE]
assert '1970' in c['expires']
- @override_settings(DEBUG=True,
- SESSION_EXPIRE_AT_BROWSER_CLOSE=True)
+ @override_settings(SESSION_EXPIRE_AT_BROWSER_CLOSE=True)
def test_expire_at_browser_close(self):
"""If SESSION_EXPIRE_AT_BROWSER_CLOSE, do expire then."""
url = reverse('users.login')
@@ -442,8 +431,7 @@ def test_expire_at_browser_close(self):
c = res.cookies[settings.SESSION_EXISTS_COOKIE]
eq_('', c['max-age'])
- @override_settings(DEBUG=True,
- SESSION_EXPIRE_AT_BROWSER_CLOSE=False,
+ @override_settings(SESSION_EXPIRE_AT_BROWSER_CLOSE=False,
SESSION_COOKIE_AGE=123)
def test_expire_in_a_long_time(self):
"""If not SESSION_EXPIRE_AT_BROWSER_CLOSE, set an expiry date."""
View
@@ -20,6 +20,8 @@
# Some cron jobs are skipped on stage.
STAGE = False
+SESSION_COOKIE_SECURE = False
+
# This quells south's crazy debug logging
import logging
import south.logger

0 comments on commit dc95ade

Please sign in to comment.