def test_cookie_and_token_mismatch(self):
self.login()
def get_signed_cookie(key, salt='', max_age=None):
return 'nope'
self.request.session[COOKIE_NAME] = 'abc123'
self.assertFalse(has_elevated_privileges(self.request))
def test_cookie_bad_signature(self):
self.login()
def get_signed_cookie(key, salt='', max_age=None):
raise BadSignature
self.request.session[COOKIE_NAME] = 'abc123'
self.assertFalse(has_elevated_privileges(self.request))
def test_granted(self):
self.login()
grant_elevated_privileges(self.request)
self.assertTrue(has_elevated_privileges(self.request))
def test_revoked(self):
self.login()
grant_elevated_privileges(self.request)
revoke_elevated_privileges(self.request)
self.assertFalse(has_elevated_privileges(self.request))
def test_untouched(self):
self.assertFalse(has_elevated_privileges(self.request))
def test_missing_keys(self):
self.login()
self.assertFalse(has_elevated_privileges(self.request))
def has_elevated_privileges(self, request):
# Override me to alter behavior
return has_elevated_privileges(request)
def test_user_logged_out(self):
self.login()
grant_elevated_privileges(self.request)
self.assertTrue(has_elevated_privileges(self.request))
user_logged_out.send_robust(sender=User, request=self.request)
self.assertFalse(has_elevated_privileges(self.request))
def test_user_logged_in(self):
self.login()
user_logged_in.send_robust(sender=User, request=self.request)
self.assertTrue(has_elevated_privileges(self.request))
