def test_process_response_sudo_revoked_without_cookie(self):
self.login()
self.middleware.process_request(self.request)
grant_sudo_privileges(self.request)
revoke_sudo_privileges(self.request)
response = self.middleware.process_response(self.request, HttpResponse())
morsels = list(response.cookies.items())
self.assertEqual(len(morsels), 0)
def test_process_response_sudo_revoked_without_cookie(self):
self.login()
self.middleware.process_request(self.request)
grant_sudo_privileges(self.request)
revoke_sudo_privileges(self.request)
response = self.middleware.process_response(self.request,
HttpResponse())
morsels = list(response.cookies.items())
self.assertEqual(len(morsels), 0)
def test_process_response_sudo_revoked_removes_cookie(self):
self.login()
self.middleware.process_request(self.request)
grant_sudo_privileges(self.request)
self.request.COOKIES[COOKIE_NAME] = self.request._sudo_token
revoke_sudo_privileges(self.request)
response = self.middleware.process_response(self.request, HttpResponse())
morsels = list(response.cookies.items())
self.assertEqual(len(morsels), 1)
self.assertEqual(morsels[0][0], COOKIE_NAME)
_, sudo = morsels[0]
# Deleting a cookie is just setting it's value to empty
# and telling it to expire
self.assertEqual(sudo.key, COOKIE_NAME)
self.assertFalse(sudo.value)
self.assertEqual(sudo['max-age'], 0)
def test_process_response_sudo_revoked_removes_cookie(self):
self.login()
self.middleware.process_request(self.request)
grant_sudo_privileges(self.request)
self.request.COOKIES[COOKIE_NAME] = self.request._sudo_token
revoke_sudo_privileges(self.request)
response = self.middleware.process_response(self.request,
HttpResponse())
morsels = list(response.cookies.items())
self.assertEqual(len(morsels), 1)
self.assertEqual(morsels[0][0], COOKIE_NAME)
_, sudo = morsels[0]
# Deleting a cookie is just setting it's value to empty
# and telling it to expire
self.assertEqual(sudo.key, COOKIE_NAME)
self.assertFalse(sudo.value)
self.assertEqual(sudo["max-age"], 0)
def test_revoked(self):
self.login()
grant_sudo_privileges(self.request)
revoke_sudo_privileges(self.request)
self.assertFalse(has_sudo_privileges(self.request))
def test_revoke_sudo_privileges(self):
self.login()
grant_sudo_privileges(self.request)
revoke_sudo_privileges(self.request)
self.assertRequestNotSudo(self.request)
def test_revoke_sudo_privileges_noop(self):
revoke_sudo_privileges(self.request)
self.assertRequestNotSudo(self.request)
def revoke(sender, request, **kwargs):
"""
Automatically revoke sudo privileges when logging out.
"""
revoke_sudo_privileges(request)
def test_revoked(self):
self.login()
grant_sudo_privileges(self.request)
revoke_sudo_privileges(self.request)
self.assertFalse(has_sudo_privileges(self.request))
def test_revoke_sudo_privileges(self):
self.login()
grant_sudo_privileges(self.request)
revoke_sudo_privileges(self.request)
self.assertRequestNotSudo(self.request)
def test_revoke_sudo_privileges_noop(self):
revoke_sudo_privileges(self.request)
self.assertRequestNotSudo(self.request)
def revoke(sender, request, **kwargs):
"""
Automatically revoke sudo privileges when logging out.
"""
revoke_sudo_privileges(request)
