Beispiel #1
0
 def setUp(self):
     super(SSLUserMiddlewareTestCase, self).setUp()
     self.middleware = SSLUserMiddleware()
     self.test_user = self.create_user()
     self.url = '/hilbert/test/simple/'
Beispiel #2
0
class SSLUserMiddlewareTestCase(MiddlewareTestCase):

    def setUp(self):
        super(SSLUserMiddlewareTestCase, self).setUp()
        self.middleware = SSLUserMiddleware()
        self.test_user = self.create_user()
        self.url = '/hilbert/test/simple/'

    def test_authenticated(self):
        """
        Make authenticated HTTP request.
        Check for redirect.
        """
        user = authenticate(username=self.username, password=self.password)
        request = self.get(self.url)
        # Faking auth middleware
        request.user = user
        response = self.middleware.process_request(request)
        self.assertTrue(isinstance(response, HttpResponse))
        self.assertEqual(response.status_code, 301)

    def test_authenticated_ssl(self):
        """
        Make authenticated HTTPS request.
        There should be no redirect.
        """
        user = authenticate(username=self.username, password=self.password)
        request = self.get(self.url, ssl=True)
        # Faking auth middleware
        request.user = user
        response = self.middleware.process_request(request)
        self.assertTrue(response is None)

    def test_anonymous(self):
        """
        Make unauthenticated HTTP request.
        There should be no redirect.
        """
        request = self.get(self.url)
        # Faking auth middleware
        request.user = AnonymousUser()
        response = self.middleware.process_request(request)
        self.assertTrue(response is None)

    def test_no_user(self):
        """
        Make unauthenticated (no request.user) HTTP request.
        There should be no redirect.
        """
        request = self.get(self.url)
        response = self.middleware.process_request(request)
        self.assertTrue(response is None)

    def test_not_enabled(self):
        """
        Make authenticated HTTPS request without SSL_ENABLED.
        There should be no redirect.
        """
        ssl = getattr(settings, 'SSL_ENABLED', False)
        settings.SSL_ENABLED = False
        try:
            user = authenticate(username=self.username, password=self.password)
            request = self.get(self.url)
            # Faking auth middleware
            request.user = user
            response = self.middleware.process_request(request)
            self.assertTrue(response is None)
        finally:
            settings.SSL_ENABLED = ssl

    def test_authenticated_keep_secure(self):
        """
        Make authenticated HTTPS request.
        Request should be marked as keep_secure for additional middleware.
        """
        user = authenticate(username=self.username, password=self.password)
        request = self.get(self.url, ssl=True)
        # Faking auth middleware
        request.user = user
        response = self.middleware.process_request(request)
        self.assertTrue(response is None)
        self.assertTrue(getattr(request,  'keep_secure', False))

    def test_unauthenticated_keep_secure(self):
        """
        Make unauthenticated HTTPS request.
        Request should not be marked as keep_secure.
        """
        request = self.get(self.url, ssl=True)
        # Faking auth middleware
        request.user = AnonymousUser()
        response = self.middleware.process_request(request)
        self.assertTrue(response is None)
        self.assertFalse(getattr(request,  'keep_secure', False))