def test_404_already_logged_in(self):
"""The login buttons should not display on the 404 page when the user is logged in"""
client = LocalizingClient()
# View page as a logged in user
client.login(username='******', password='******')
response = client.get('/something-doesnt-exist', follow=True)
doc = pq(response.content)
login_block = doc.find('.socialaccount_providers')
eq_(len(login_block), 0)
eq_(404, response.status_code)
client.logout()
def test_404_already_logged_in(self):
"""The login buttons should not display on the 404 page when the user is logged in"""
client = LocalizingClient()
# View page as a logged in user
client.login(username='******',
password='******')
response = client.get('/something-doesnt-exist', follow=True)
doc = pq(response.content)
login_block = doc.find('.socialaccount_providers')
eq_(len(login_block), 0)
eq_(404, response.status_code)
client.logout()
class LoginTestCase(TestCase):
fixtures = ['test_users.json']
def setUp(self):
self.old_debug = settings.DEBUG
settings.DEBUG = True
self.client = LocalizingClient()
self.client.logout()
def tearDown(self):
settings.DEBUG = self.old_debug
@mock.patch_object(Site.objects, 'get_current')
def test_clean_next_url_request_properties(self, get_current):
'''_clean_next_url checks POST, GET, and REFERER'''
get_current.return_value.domain = 'dev.mo.org'
r = RequestFactory().get('/users/login', {'next': '/demos/submit'},
HTTP_REFERER='referer-trumped-by-get')
eq_('/demos/submit', _clean_next_url(r))
r = RequestFactory().post('/users/login', {'next': '/demos/submit'})
eq_('/demos/submit', _clean_next_url(r))
r = RequestFactory().get('/users/login', HTTP_REFERER='/demos/submit')
eq_('/demos/submit', _clean_next_url(r))
@mock.patch_object(Site.objects, 'get_current')
def test_clean_next_url_no_self_redirects(self, get_current):
'''_clean_next_url checks POST, GET, and REFERER'''
get_current.return_value.domain = 'dev.mo.org'
for next in [settings.LOGIN_URL, settings.LOGOUT_URL]:
r = RequestFactory().get('/users/login', {'next': next})
eq_(None, _clean_next_url(r))
@mock.patch_object(Site.objects, 'get_current')
def test_clean_next_url_invalid_next_parameter(self, get_current):
'''_clean_next_url cleans invalid urls'''
get_current.return_value.domain = 'dev.mo.org'
for next in self._invalid_nexts():
r = RequestFactory().get('/users/login', {'next': next})
eq_(None, _clean_next_url(r))
def _invalid_nexts(self):
return ['http://foobar.com/evil/', '//goo.gl/y-bad']
def test_ban_permission(self):
"""The ban permission controls access to the ban view."""
client = LocalizingClient()
admin = User.objects.get(username='******')
testuser = User.objects.get(username='******')
# testuser doesn't have ban permission, can't ban.
client.login(username='******', password='******')
ban_url = reverse('users.ban_user', kwargs={'user_id': admin.id})
resp = client.get(ban_url)
eq_(302, resp.status_code)
ok_(str(settings.LOGIN_URL) in resp['Location'])
client.logout()
# admin has ban permission, can ban.
client.login(username='******', password='******')
ban_url = reverse('users.ban_user', kwargs={'user_id': testuser.id})
resp = client.get(ban_url)
eq_(200, resp.status_code)
def test_ban_permission(self):
"""The ban permission controls access to the ban view."""
client = LocalizingClient()
admin = User.objects.get(username='******')
testuser = User.objects.get(username='******')
# testuser doesn't have ban permission, can't ban.
client.login(username='******',
password='******')
ban_url = reverse('users.ban_user',
kwargs={'user_id': admin.id})
resp = client.get(ban_url)
eq_(302, resp.status_code)
ok_(settings.LOGIN_URL in resp['Location'])
client.logout()
# admin has ban permission, can ban.
client.login(username='******',
password='******')
ban_url = reverse('users.ban_user',
kwargs={'user_id': testuser.id})
resp = client.get(ban_url)
eq_(200, resp.status_code)
class LoginTestCase(TestCase):
fixtures = ['test_users.json']
def setUp(self):
self.old_debug = settings.DEBUG
settings.DEBUG = True
self.client = LocalizingClient()
self.client.logout()
def tearDown(self):
settings.DEBUG = self.old_debug
@mock.patch_object(Site.objects, 'get_current')
def test_bad_login_fails_both_backends(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
self.assertRaises(User.DoesNotExist, User.objects.get,
username='******')
response = self.client.post(reverse('users.login'),
{'username': '******',
'password': '******'}, follow=True)
eq_(200, response.status_code)
self.assertContains(response, 'Please enter a correct username and '
'password.')
@mock.patch_object(Site.objects, 'get_current')
def test_django_login(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
response = self.client.post(reverse('users.login'),
{'username': '******',
'password': '******'}, follow=True)
eq_(200, response.status_code)
doc = pq(response.content)
eq_('testuser', doc.find('ul.user-state a:first').text())
@mock.patch_object(Site.objects, 'get_current')
def test_django_login_wont_redirect_to_login(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
login_uri = reverse('users.login')
response = self.client.post(login_uri,
{'username': '******',
'password': '******',
'next': login_uri},
follow=True)
eq_(200, response.status_code)
for redirect_url, code in response.redirect_chain:
ok_(login_uri not in redirect_url, "Found %s in redirect_chain"
% login_uri)
doc = pq(response.content)
eq_('testuser', doc.find('ul.user-state a:first').text())
@mock.patch_object(Site.objects, 'get_current')
def test_logged_in_message(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
login_uri = reverse('users.login')
response = self.client.post(login_uri,
{'username': '******',
'password': '******'},
follow=True)
eq_(200, response.status_code)
response = self.client.get(login_uri, follow=True)
eq_(200, response.status_code)
doc = pq(response.content)
eq_("You are already logged in.", doc.find('article').text())
@mock.patch_object(Site.objects, 'get_current')
def test_django_login_redirects_to_next(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
login_uri = reverse('users.login')
response = self.client.post(login_uri,
{'username': '******',
'password': '******'},
follow=True)
eq_(200, response.status_code)
response = self.client.get(login_uri, {'next': '/en-US/demos/submit'},
follow=True)
eq_('http://testserver/en-US/demos/submit',
response.redirect_chain[0][0])
@mock.patch_object(Site.objects, 'get_current')
def test_clean_next_url_request_properties(self, get_current):
'''_clean_next_url checks POST, GET, and REFERER'''
get_current.return_value.domain = 'dev.mo.org'
r = RequestFactory().get('/users/login', {'next': '/demos/submit'},
HTTP_REFERER='referer-trumped-by-get')
eq_('/demos/submit', _clean_next_url(r))
r = RequestFactory().post('/users/login', {'next': '/demos/submit'})
eq_('/demos/submit', _clean_next_url(r))
r = RequestFactory().get('/users/login', HTTP_REFERER='/demos/submit')
eq_('/demos/submit', _clean_next_url(r))
@mock.patch_object(Site.objects, 'get_current')
def test_clean_next_url_no_self_redirects(self, get_current):
'''_clean_next_url checks POST, GET, and REFERER'''
get_current.return_value.domain = 'dev.mo.org'
for next in [settings.LOGIN_URL, settings.LOGOUT_URL]:
r = RequestFactory().get('/users/login', {'next': next})
eq_(None, _clean_next_url(r))
@mock.patch_object(Site.objects, 'get_current')
def test_clean_next_url_invalid_next_parameter(self, get_current):
'''_clean_next_url cleans invalid urls'''
get_current.return_value.domain = 'dev.mo.org'
for next in self._invalid_nexts():
r = RequestFactory().get('/users/login', {'next': next})
eq_(None, _clean_next_url(r))
@mock.patch_object(Site.objects, 'get_current')
def test_login_invalid_next_parameter(self, get_current):
'''Test with an invalid ?next=http://example.com parameter.'''
get_current.return_value.domain = 'testserver.com'
valid_next = reverse('home', locale=settings.LANGUAGE_CODE)
for invalid_next in self._invalid_nexts():
# Verify that _valid_ next parameter is set in form hidden field.
response = self.client.get(urlparams(reverse('users.login'),
next=invalid_next))
eq_(200, response.status_code)
doc = pq(response.content)
eq_(valid_next, doc('input[name="next"]')[0].attrib['value'])
# Verify that it gets used on form POST.
response = self.client.post(reverse('users.login'),
{'username': '******',
'password': '******',
'next': invalid_next})
eq_(302, response.status_code)
eq_('http://testserver' + valid_next, response['location'])
self.client.logout()
def _invalid_nexts(self):
return ['http://foobar.com/evil/', '//goo.gl/y-bad']
class ProfileViewsTest(TestCase):
fixtures = ['test_users.json']
def setUp(self):
self.old_debug = settings.DEBUG
settings.DEBUG = True
self.client = LocalizingClient()
self.client.logout()
def tearDown(self):
settings.DEBUG = self.old_debug
def _get_current_form_field_values(self, doc):
# Scrape out the existing significant form field values.
form = dict()
for fn in ('email', 'fullname', 'title', 'organization', 'location',
'irc_nickname', 'bio', 'interests', 'country', 'format'):
form[fn] = doc.find('#profile-edit *[name="%s"]' % fn).val()
form['country'] = 'us'
form['format'] = 'html'
return form
@attr('docs_activity')
def test_profile_view(self):
"""A user profile can be viewed"""
profile = UserProfile.objects.get(user__username='******')
user = profile.user
url = reverse('users.profile', args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(profile.user.username,
doc.find('#profile-head.vcard .nickname').text())
eq_(profile.fullname,
doc.find('#profile-head.vcard .fn').text())
eq_(profile.title,
doc.find('#profile-head.vcard .title').text())
eq_(profile.organization,
doc.find('#profile-head.vcard .org').text())
eq_(profile.location,
doc.find('#profile-head.vcard .loc').text())
eq_('IRC: ' + profile.irc_nickname,
doc.find('#profile-head.vcard .irc').text())
eq_(profile.bio,
doc.find('#profile-head.vcard .bio').text())
def test_my_profile_view(self):
u = User.objects.get(username='******')
self.client.login(username=u.username, password=TESTUSER_PASSWORD)
resp = self.client.get('/profile/')
eq_(302, resp.status_code)
ok_(reverse('users.profile', args=(u.username,)) in
resp['Location'])
def test_bug_698971(self):
"""A non-numeric page number should not cause an error"""
(user, profile) = create_profile()
url = '%s?page=asdf' % reverse('users.profile', args=(user.username,))
try:
self.client.get(url, follow=True)
except PageNotAnInteger:
ok_(False, "Non-numeric page number should not cause an error")
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_profile_edit(self,
unsubscribe,
subscribe,
lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
profile = UserProfile.objects.get(user__username='******')
user = profile.user
url = reverse('users.profile', args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(0, doc.find('#profile-head .edit .button').length)
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile', args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
edit_button = doc.find('#profile-head .edit #edit-profile')
eq_(1, edit_button.length)
url = edit_button.attr('href')
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(profile.fullname,
doc.find('#profile-edit input[name="fullname"]').val())
eq_(profile.title,
doc.find('#profile-edit input[name="title"]').val())
eq_(profile.organization,
doc.find('#profile-edit input[name="organization"]').val())
eq_(profile.location,
doc.find('#profile-edit input[name="location"]').val())
eq_(profile.irc_nickname,
doc.find('#profile-edit input[name="irc_nickname"]').val())
new_attrs = dict(
email='*****@*****.**',
fullname="Another Name",
title="Another title",
organization="Another org",
country="us",
format="html"
)
r = self.client.post(url, new_attrs, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-head').length)
eq_(new_attrs['fullname'],
doc.find('#profile-head .main .fn').text())
eq_(new_attrs['title'],
doc.find('#profile-head .info .title').text())
eq_(new_attrs['organization'],
doc.find('#profile-head .info .org').text())
profile = UserProfile.objects.get(user__username=user.username)
eq_(new_attrs['fullname'], profile.fullname)
eq_(new_attrs['title'], profile.title)
eq_(new_attrs['organization'], profile.organization)
def test_my_profile_edit(self):
u = User.objects.get(username='******')
self.client.login(username=u.username, password=TESTUSER_PASSWORD)
resp = self.client.get('/profile/edit')
eq_(302, resp.status_code)
ok_(reverse('users.profile_edit', args=(u.username,)) in
resp['Location'])
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_profile_edit_beta(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(None, doc.find('input#id_beta').attr('checked'))
form = self._get_current_form_field_values(doc)
form['beta'] = True
r = self.client.post(url, form, follow=True)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_('checked', doc.find('input#id_beta').attr('checked'))
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_profile_edit_websites(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
test_sites = {
u'website': u'http://example.com/',
u'twitter': u'http://twitter.com/lmorchard',
u'github': u'http://github.com/lmorchard',
u'stackoverflow': u'http://stackoverflow.com/users/lmorchard',
u'linkedin': u'https://www.linkedin.com/in/testuser',
u'mozillians': u'https://mozillians.org/u/testuser',
u'facebook': u'https://www.facebook.com/test.user'
}
form = self._get_current_form_field_values(doc)
# Fill out the form with websites.
form.update(dict(('websites_%s' % k, v)
for k, v in test_sites.items()))
# Submit the form, verify redirect to profile detail
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-head').length)
p = UserProfile.objects.get(user=user)
# Verify the websites are saved in the profile.
eq_(test_sites, p.websites)
# Verify the saved websites appear in the editing form
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
for k, v in test_sites.items():
eq_(v, doc.find('#profile-edit *[name="websites_%s"]' % k).val())
# Come up with some bad sites, either invalid URL or bad URL prefix
bad_sites = {
u'website': u'HAHAHA WHAT IS A WEBSITE',
u'twitter': u'http://facebook.com/lmorchard',
u'stackoverflow': u'http://overqueueblah.com/users/lmorchard',
}
form.update(dict(('websites_%s' % k, v)
for k, v in bad_sites.items()))
# Submit the form, verify errors for all of the bad sites
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-edit').length)
tmpl = '#profile-edit #elsewhere .%s .errorlist'
for n in ('website', 'twitter', 'stackoverflow'):
eq_(1, doc.find(tmpl % n).length)
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_profile_edit_interests(self,
unsubscribe,
subscribe,
lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
test_tags = ['javascript', 'css', 'canvas', 'html', 'homebrewing']
form = self._get_current_form_field_values(doc)
form['interests'] = ', '.join(test_tags)
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-head').length)
p = UserProfile.objects.get(user=user)
result_tags = [t.name.replace('profile:interest:', '')
for t in p.tags.all_ns('profile:interest:')]
result_tags.sort()
test_tags.sort()
eq_(test_tags, result_tags)
test_expertise = ['css', 'canvas']
form['expertise'] = ', '.join(test_expertise)
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-head').length)
p = UserProfile.objects.get(user=user)
result_tags = [t.name.replace('profile:expertise:', '')
for t in p.tags.all_ns('profile:expertise')]
result_tags.sort()
test_expertise.sort()
eq_(test_expertise, result_tags)
# Now, try some expertise tags not covered in interests
test_expertise = ['css', 'canvas', 'mobile', 'movies']
form['expertise'] = ', '.join(test_expertise)
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('.error #id_expertise').length)
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_bug_709938_interests(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
test_tags = [u'science,Technology,paradox,knowledge,modeling,big data,'
u'vector,meme,heuristics,harmony,mathesis universalis,'
u'symmetry,mathematics,computer graphics,field,chemistry,'
u'religion,astronomy,physics,biology,literature,'
u'spirituality,Art,Philosophy,Psychology,Business,Music,'
u'Computer Science']
form = self._get_current_form_field_values(doc)
form['interests'] = test_tags
r = self.client.post(url, form, follow=True)
eq_(200, r.status_code)
doc = pq(r.content)
eq_(1, doc.find('ul.errorlist li').length)
assert ('Ensure this value has at most 255 characters'
in doc.find('ul.errorlist li').text())
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_bug_698126_l10n(self, unsubscribe, subscribe, lookup_user):
"""Test that the form field names are localized"""
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
for field in r.context['form'].fields:
# if label is localized it's a lazy proxy object
ok_(not isinstance(
r.context['form'].fields[field].label, basestring),
'Field %s is a string!' % field)
def _break(self, url, r):
logging.debug("URL %s" % url)
logging.debug("STAT %s" % r.status_code)
logging.debug("HEAD %s" % r.items())
logging.debug("CONT %s" % r.content)
ok_(False)
def test_bug_811751_banned_profile(self):
"""A banned user's profile should not be viewable"""
profile = UserProfile.objects.get(user__username='******')
user = profile.user
url = reverse('users.profile', args=(user.username,))
# Profile viewable if not banned
response = self.client.get(url, follow=True)
self.assertNotEqual(response.status_code, 403)
# Ban User
admin = User.objects.get(username='******')
testuser = User.objects.get(username='******')
ban = UserBan(user=testuser, by=admin,
reason='Banned by unit test.',
is_active=True)
ban.save()
# Profile not viewable if banned
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 403)
# Admin can view banned user's profile
self.client.login(username='******', password='******')
response = self.client.get(url, follow=True)
self.assertNotEqual(response.status_code, 403)
class ProfileViewsTest(TestCase):
fixtures = ['test_users.json']
def setUp(self):
self.old_debug = settings.DEBUG
settings.DEBUG = True
self.client = LocalizingClient()
self.client.logout()
def tearDown(self):
settings.DEBUG = self.old_debug
def _get_current_form_field_values(self, doc):
# Scrape out the existing significant form field values.
form = dict()
for fn in ('email', 'fullname', 'title', 'organization', 'location',
'irc_nickname', 'bio', 'interests'):
form[fn] = doc.find('#profile-edit *[name="profile-%s"]' % fn).val()
form['country'] = 'us'
form['format'] = 'html'
return form
@attr('docs_activity')
def test_profile_view(self):
"""A user profile can be viewed"""
profile = UserProfile.objects.get(user__username='******')
user = profile.user
url = reverse('users.profile', args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(profile.user.username,
doc.find('#profile-head.vcard .nickname').text())
eq_(profile.fullname,
doc.find('#profile-head.vcard .fn').text())
eq_(profile.title,
doc.find('#profile-head.vcard .title').text())
eq_(profile.organization,
doc.find('#profile-head.vcard .org').text())
eq_(profile.location,
doc.find('#profile-head.vcard .loc').text())
eq_('IRC: ' + profile.irc_nickname,
doc.find('#profile-head.vcard .irc').text())
eq_(profile.bio,
doc.find('#profile-head.vcard .bio').text())
def test_my_profile_view(self):
u = User.objects.get(username='******')
self.client.login(username=u.username, password=TESTUSER_PASSWORD)
resp = self.client.get(reverse('users.my_profile'))
eq_(302, resp.status_code)
ok_(reverse('users.profile', args=(u.username,)) in
resp['Location'])
def test_bug_698971(self):
"""A non-numeric page number should not cause an error"""
user = User.objects.get(username='******')
url = '%s?page=asdf' % reverse('users.profile', args=(user.username,))
try:
self.client.get(url, follow=True)
except PageNotAnInteger:
ok_(False, "Non-numeric page number should not cause an error")
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_profile_edit(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
profile = UserProfile.objects.get(user__username='******')
user = profile.user
url = reverse('users.profile', args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(0, doc.find('#profile-head .edit .button').length)
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile', args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
edit_button = doc.find('#profile-head .edit #edit-profile')
eq_(1, edit_button.length)
url = edit_button.attr('href')
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(profile.fullname,
doc.find('#profile-edit input[name="profile-fullname"]').val())
eq_(profile.title,
doc.find('#profile-edit input[name="profile-title"]').val())
eq_(profile.organization,
doc.find('#profile-edit input[name="profile-organization"]').val())
eq_(profile.location,
doc.find('#profile-edit input[name="profile-location"]').val())
eq_(profile.irc_nickname,
doc.find('#profile-edit input[name="profile-irc_nickname"]').val())
new_attrs = {
'profile-email': '*****@*****.**',
'profile-fullname': "Another Name",
'profile-title': "Another title",
'profile-organization': "Another org",
'profile-country': "us",
'profile-format': "html"
}
r = self.client.post(url, new_attrs, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-head').length)
eq_(new_attrs['profile-fullname'],
doc.find('#profile-head .main .fn').text())
eq_(new_attrs['profile-title'],
doc.find('#profile-head .info .title').text())
eq_(new_attrs['profile-organization'],
doc.find('#profile-head .info .org').text())
profile = UserProfile.objects.get(user__username=user.username)
eq_(new_attrs['profile-fullname'], profile.fullname)
eq_(new_attrs['profile-title'], profile.title)
eq_(new_attrs['profile-organization'], profile.organization)
def test_my_profile_edit(self):
u = User.objects.get(username='******')
self.client.login(username=u.username, password=TESTUSER_PASSWORD)
resp = self.client.get(reverse('users.my_profile_edit'))
eq_(302, resp.status_code)
ok_(reverse('users.profile_edit', args=(u.username,)) in
resp['Location'])
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_profile_edit_beta(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(None, doc.find('input#id_profile-beta').attr('checked'))
form = self._get_current_form_field_values(doc)
form['profile-beta'] = True
r = self.client.post(url, form, follow=True)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_('checked', doc.find('input#id_profile-beta').attr('checked'))
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_profile_edit_websites(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
test_sites = {
u'website': u'http://example.com/',
u'twitter': u'http://twitter.com/lmorchard',
u'github': u'http://github.com/lmorchard',
u'stackoverflow': u'http://stackoverflow.com/users/lmorchard',
u'linkedin': u'https://www.linkedin.com/in/testuser',
u'mozillians': u'https://mozillians.org/u/testuser',
u'facebook': u'https://www.facebook.com/test.user'
}
form = self._get_current_form_field_values(doc)
# Fill out the form with websites.
form.update(dict(('profile-websites_%s' % k, v)
for k, v in test_sites.items()))
# Submit the form, verify redirect to profile detail
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-head').length)
p = UserProfile.objects.get(user=user)
# Verify the websites are saved in the profile.
eq_(test_sites, p.websites)
# Verify the saved websites appear in the editing form
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
for k, v in test_sites.items():
eq_(v, doc.find('#profile-edit *[name="profile-websites_%s"]' % k).val())
# Come up with some bad sites, either invalid URL or bad URL prefix
bad_sites = {
u'website': u'HAHAHA WHAT IS A WEBSITE',
u'twitter': u'http://facebook.com/lmorchard',
u'stackoverflow': u'http://overqueueblah.com/users/lmorchard',
}
form.update(dict(('profile-websites_%s' % k, v)
for k, v in bad_sites.items()))
# Submit the form, verify errors for all of the bad sites
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-edit').length)
tmpl = '#profile-edit #profiles .%s .errorlist'
for n in ('website', 'twitter', 'stackoverflow'):
eq_(1, doc.find(tmpl % n).length)
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_profile_edit_interests(self,
unsubscribe,
subscribe,
lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
test_tags = ['javascript', 'css', 'canvas', 'html', 'homebrewing']
form = self._get_current_form_field_values(doc)
form['profile-interests'] = ', '.join(test_tags)
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-head').length)
p = UserProfile.objects.get(user=user)
result_tags = [t.name.replace('profile:interest:', '')
for t in p.tags.all_ns('profile:interest:')]
result_tags.sort()
test_tags.sort()
eq_(test_tags, result_tags)
test_expertise = ['css', 'canvas']
form['profile-expertise'] = ', '.join(test_expertise)
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('#profile-head').length)
p = UserProfile.objects.get(user=user)
result_tags = [t.name.replace('profile:expertise:', '')
for t in p.tags.all_ns('profile:expertise')]
result_tags.sort()
test_expertise.sort()
eq_(test_expertise, result_tags)
# Now, try some expertise tags not covered in interests
test_expertise = ['css', 'canvas', 'mobile', 'movies']
form['profile-expertise'] = ', '.join(test_expertise)
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find('.error #id_profile-expertise').length)
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_bug_709938_interests(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username, password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit', args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
test_tags = [u'science,Technology,paradox,knowledge,modeling,big data,'
u'vector,meme,heuristics,harmony,mathesis universalis,'
u'symmetry,mathematics,computer graphics,field,chemistry,'
u'religion,astronomy,physics,biology,literature,'
u'spirituality,Art,Philosophy,Psychology,Business,Music,'
u'Computer Science']
form = self._get_current_form_field_values(doc)
form['profile-interests'] = test_tags
r = self.client.post(url, form, follow=True)
eq_(200, r.status_code)
doc = pq(r.content)
eq_(1, doc.find('ul.errorlist li').length)
assert ('Ensure this value has at most 255 characters'
in doc.find('ul.errorlist li').text())
@mock.patch('basket.lookup_user')
@mock.patch('basket.subscribe')
@mock.patch('basket.unsubscribe')
def test_bug_698126_l10n(self, unsubscribe, subscribe, lookup_user):
"""Test that the form field names are localized"""
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username='******')
self.client.login(username=user.username,
password=TESTUSER_PASSWORD)
url = reverse('users.profile_edit',
args=(user.username,))
r = self.client.get(url, follow=True)
for field in r.context['profile_form'].fields:
# if label is localized it's a lazy proxy object
ok_(not isinstance(
r.context['profile_form'].fields[field].label, basestring),
'Field %s is a string!' % field)
class ProfileViewsTest(TestCase):
fixtures = ["test_users.json"]
def setUp(self):
self.old_debug = settings.DEBUG
settings.DEBUG = True
self.client = LocalizingClient()
self.client.logout()
def tearDown(self):
settings.DEBUG = self.old_debug
def _get_current_form_field_values(self, doc):
# Scrape out the existing significant form field values.
form = dict()
for fn in (
"email",
"fullname",
"title",
"organization",
"location",
"irc_nickname",
"bio",
"interests",
"country",
"format",
):
form[fn] = doc.find('#profile-edit *[name="%s"]' % fn).val()
form["country"] = "us"
form["format"] = "html"
return form
@attr("docs_activity")
def test_profile_view(self):
"""A user profile can be viewed"""
profile = UserProfile.objects.get(user__username="******")
user = profile.user
url = reverse("devmo.views.profile_view", args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(profile.user.username, doc.find("#profile-head.vcard .nickname").text())
eq_(profile.fullname, doc.find("#profile-head.vcard .fn").text())
eq_(profile.title, doc.find("#profile-head.vcard .title").text())
eq_(profile.organization, doc.find("#profile-head.vcard .org").text())
eq_(profile.location, doc.find("#profile-head.vcard .loc").text())
eq_("IRC: " + profile.irc_nickname, doc.find("#profile-head.vcard .irc").text())
eq_(profile.bio, doc.find("#profile-head.vcard .bio").text())
def test_my_profile_view(self):
u = User.objects.get(username="******")
self.client.login(username=u.username, password=TESTUSER_PASSWORD)
resp = self.client.get("/profile/")
eq_(302, resp.status_code)
ok_(reverse("devmo.views.profile_view", args=(u.username,)) in resp["Location"])
def test_bug_698971(self):
"""A non-numeric page number should not cause an error"""
(user, profile) = create_profile()
url = "%s?page=asdf" % reverse("devmo.views.profile_view", args=(user.username,))
try:
self.client.get(url, follow=True)
except PageNotAnInteger:
ok_(False, "Non-numeric page number should not cause an error")
@mock.patch("basket.lookup_user")
@mock.patch("basket.subscribe")
@mock.patch("basket.unsubscribe")
def test_profile_edit(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
profile = UserProfile.objects.get(user__username="******")
user = profile.user
url = reverse("devmo.views.profile_view", args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(0, doc.find("#profile-head .edit .button").length)
self.client.login(username=user.username, password=TESTUSER_PASSWORD)
url = reverse("devmo.views.profile_view", args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
edit_button = doc.find("#profile-head .edit #edit-profile")
eq_(1, edit_button.length)
url = edit_button.attr("href")
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(profile.fullname, doc.find('#profile-edit input[name="fullname"]').val())
eq_(profile.title, doc.find('#profile-edit input[name="title"]').val())
eq_(profile.organization, doc.find('#profile-edit input[name="organization"]').val())
eq_(profile.location, doc.find('#profile-edit input[name="location"]').val())
eq_(profile.irc_nickname, doc.find('#profile-edit input[name="irc_nickname"]').val())
new_attrs = dict(
email="*****@*****.**",
fullname="Another Name",
title="Another title",
organization="Another org",
country="us",
format="html",
)
r = self.client.post(url, new_attrs, follow=True)
doc = pq(r.content)
eq_(1, doc.find("#profile-head").length)
eq_(new_attrs["fullname"], doc.find("#profile-head .main .fn").text())
eq_(new_attrs["title"], doc.find("#profile-head .info .title").text())
eq_(new_attrs["organization"], doc.find("#profile-head .info .org").text())
profile = UserProfile.objects.get(user__username=user.username)
eq_(new_attrs["fullname"], profile.fullname)
eq_(new_attrs["title"], profile.title)
eq_(new_attrs["organization"], profile.organization)
def test_my_profile_edit(self):
u = User.objects.get(username="******")
self.client.login(username=u.username, password=TESTUSER_PASSWORD)
resp = self.client.get("/profile/edit")
eq_(302, resp.status_code)
ok_(reverse("devmo.views.profile_edit", args=(u.username,)) in resp["Location"])
@mock.patch("basket.lookup_user")
@mock.patch("basket.subscribe")
@mock.patch("basket.unsubscribe")
def test_profile_edit_beta(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username="******")
self.client.login(username=user.username, password=TESTUSER_PASSWORD)
url = reverse("devmo.views.profile_edit", args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_(None, doc.find("input#id_beta").attr("checked"))
form = self._get_current_form_field_values(doc)
form["beta"] = True
r = self.client.post(url, form, follow=True)
url = reverse("devmo.views.profile_edit", args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
eq_("checked", doc.find("input#id_beta").attr("checked"))
@mock.patch("basket.lookup_user")
@mock.patch("basket.subscribe")
@mock.patch("basket.unsubscribe")
def test_profile_edit_websites(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username="******")
self.client.login(username=user.username, password=TESTUSER_PASSWORD)
url = reverse("devmo.views.profile_edit", args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
test_sites = {
u"website": u"http://example.com/",
u"twitter": u"http://twitter.com/lmorchard",
u"github": u"http://github.com/lmorchard",
u"stackoverflow": u"http://stackoverflow.com/users/lmorchard",
u"linkedin": u"https://www.linkedin.com/in/testuser",
u"mozillians": u"https://mozillians.org/u/testuser",
u"facebook": u"https://www.facebook.com/test.user",
}
form = self._get_current_form_field_values(doc)
# Fill out the form with websites.
form.update(dict(("websites_%s" % k, v) for k, v in test_sites.items()))
# Submit the form, verify redirect to profile detail
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find("#profile-head").length)
p = UserProfile.objects.get(user=user)
# Verify the websites are saved in the profile.
eq_(test_sites, p.websites)
# Verify the saved websites appear in the editing form
url = reverse("devmo.views.profile_edit", args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
for k, v in test_sites.items():
eq_(v, doc.find('#profile-edit *[name="websites_%s"]' % k).val())
# Come up with some bad sites, either invalid URL or bad URL prefix
bad_sites = {
u"website": u"HAHAHA WHAT IS A WEBSITE",
u"twitter": u"http://facebook.com/lmorchard",
u"stackoverflow": u"http://overqueueblah.com/users/lmorchard",
}
form.update(dict(("websites_%s" % k, v) for k, v in bad_sites.items()))
# Submit the form, verify errors for all of the bad sites
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find("#profile-edit").length)
tmpl = "#profile-edit #elsewhere .%s .errorlist"
for n in ("website", "twitter", "stackoverflow"):
eq_(1, doc.find(tmpl % n).length)
@mock.patch("basket.lookup_user")
@mock.patch("basket.subscribe")
@mock.patch("basket.unsubscribe")
def test_profile_edit_interests(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username="******")
self.client.login(username=user.username, password=TESTUSER_PASSWORD)
url = reverse("devmo.views.profile_edit", args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
test_tags = ["javascript", "css", "canvas", "html", "homebrewing"]
form = self._get_current_form_field_values(doc)
form["interests"] = ", ".join(test_tags)
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find("#profile-head").length)
p = UserProfile.objects.get(user=user)
result_tags = [t.name.replace("profile:interest:", "") for t in p.tags.all_ns("profile:interest:")]
result_tags.sort()
test_tags.sort()
eq_(test_tags, result_tags)
test_expertise = ["css", "canvas"]
form["expertise"] = ", ".join(test_expertise)
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find("#profile-head").length)
p = UserProfile.objects.get(user=user)
result_tags = [t.name.replace("profile:expertise:", "") for t in p.tags.all_ns("profile:expertise")]
result_tags.sort()
test_expertise.sort()
eq_(test_expertise, result_tags)
# Now, try some expertise tags not covered in interests
test_expertise = ["css", "canvas", "mobile", "movies"]
form["expertise"] = ", ".join(test_expertise)
r = self.client.post(url, form, follow=True)
doc = pq(r.content)
eq_(1, doc.find(".error #id_expertise").length)
@mock.patch("basket.lookup_user")
@mock.patch("basket.subscribe")
@mock.patch("basket.unsubscribe")
def test_bug_709938_interests(self, unsubscribe, subscribe, lookup_user):
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username="******")
self.client.login(username=user.username, password=TESTUSER_PASSWORD)
url = reverse("devmo.views.profile_edit", args=(user.username,))
r = self.client.get(url, follow=True)
doc = pq(r.content)
test_tags = [
u"science,Technology,paradox,knowledge,modeling,big data,"
u"vector,meme,heuristics,harmony,mathesis universalis,"
u"symmetry,mathematics,computer graphics,field,chemistry,"
u"religion,astronomy,physics,biology,literature,"
u"spirituality,Art,Philosophy,Psychology,Business,Music,"
u"Computer Science"
]
form = self._get_current_form_field_values(doc)
form["interests"] = test_tags
r = self.client.post(url, form, follow=True)
eq_(200, r.status_code)
doc = pq(r.content)
eq_(1, doc.find("ul.errorlist li").length)
assert "Ensure this value has at most 255 characters" in doc.find("ul.errorlist li").text()
@mock.patch("basket.lookup_user")
@mock.patch("basket.subscribe")
@mock.patch("basket.unsubscribe")
def test_bug_698126_l10n(self, unsubscribe, subscribe, lookup_user):
"""Test that the form field names are localized"""
lookup_user.return_value = mock_lookup_user()
subscribe.return_value = True
unsubscribe.return_value = True
user = User.objects.get(username="******")
self.client.login(username=user.username, password=TESTUSER_PASSWORD)
url = reverse("devmo.views.profile_edit", args=(user.username,))
r = self.client.get(url, follow=True)
for field in r.context["form"].fields:
# if label is localized it's a lazy proxy object
ok_(not isinstance(r.context["form"].fields[field].label, basestring), "Field %s is a string!" % field)
def _break(self, url, r):
logging.debug("URL %s" % url)
logging.debug("STAT %s" % r.status_code)
logging.debug("HEAD %s" % r.items())
logging.debug("CONT %s" % r.content)
ok_(False)
class LoginTestCase(TestCase):
fixtures = ['test_users.json']
def setUp(self):
self.old_debug = settings.DEBUG
settings.DEBUG = True
self.client = LocalizingClient()
self.client.logout()
def tearDown(self):
settings.DEBUG = self.old_debug
@mock.patch_object(Site.objects, 'get_current')
def test_bad_login_fails_both_backends(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
self.assertRaises(User.DoesNotExist,
User.objects.get,
username='******')
response = self.client.post(reverse('users.login'), {
'username': '******',
'password': '******'
},
follow=True)
eq_(200, response.status_code)
self.assertContains(response, 'Please enter a correct username and '
'password.')
@mock.patch_object(Site.objects, 'get_current')
def test_django_login(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
response = self.client.post(reverse('users.login'), {
'username': '******',
'password': '******'
},
follow=True)
eq_(200, response.status_code)
doc = pq(response.content)
eq_('testuser', doc.find('ul.user-state a:first').text())
@mock.patch_object(Site.objects, 'get_current')
def test_django_login_wont_redirect_to_login(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
login_uri = reverse('users.login')
response = self.client.post(login_uri, {
'username': '******',
'password': '******',
'next': login_uri
},
follow=True)
eq_(200, response.status_code)
for redirect_url, code in response.redirect_chain:
ok_(login_uri not in redirect_url,
"Found %s in redirect_chain" % login_uri)
doc = pq(response.content)
eq_('testuser', doc.find('ul.user-state a:first').text())
@mock.patch_object(Site.objects, 'get_current')
def test_logged_in_message(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
login_uri = reverse('users.login')
response = self.client.post(login_uri, {
'username': '******',
'password': '******'
},
follow=True)
eq_(200, response.status_code)
response = self.client.get(login_uri, follow=True)
eq_(200, response.status_code)
doc = pq(response.content)
eq_("You are already logged in.", doc.find('article').text())
@mock.patch_object(Site.objects, 'get_current')
def test_django_login_redirects_to_next(self, get_current):
get_current.return_value.domain = 'dev.mo.org'
login_uri = reverse('users.login')
response = self.client.post(login_uri, {
'username': '******',
'password': '******'
},
follow=True)
eq_(200, response.status_code)
response = self.client.get(login_uri, {'next': '/en-US/demos/submit'},
follow=True)
eq_('http://testserver/en-US/demos/submit',
response.redirect_chain[0][0])
@mock.patch_object(Site.objects, 'get_current')
def test_clean_next_url_request_properties(self, get_current):
'''_clean_next_url checks POST, GET, and REFERER'''
get_current.return_value.domain = 'dev.mo.org'
r = RequestFactory().get('/users/login', {'next': '/demos/submit'},
HTTP_REFERER='referer-trumped-by-get')
eq_('/demos/submit', _clean_next_url(r))
r = RequestFactory().post('/users/login', {'next': '/demos/submit'})
eq_('/demos/submit', _clean_next_url(r))
r = RequestFactory().get('/users/login', HTTP_REFERER='/demos/submit')
eq_('/demos/submit', _clean_next_url(r))
@mock.patch_object(Site.objects, 'get_current')
def test_clean_next_url_no_self_redirects(self, get_current):
'''_clean_next_url checks POST, GET, and REFERER'''
get_current.return_value.domain = 'dev.mo.org'
for next in [settings.LOGIN_URL, settings.LOGOUT_URL]:
r = RequestFactory().get('/users/login', {'next': next})
eq_(None, _clean_next_url(r))
@mock.patch_object(Site.objects, 'get_current')
def test_clean_next_url_invalid_next_parameter(self, get_current):
'''_clean_next_url cleans invalid urls'''
get_current.return_value.domain = 'dev.mo.org'
for next in self._invalid_nexts():
r = RequestFactory().get('/users/login', {'next': next})
eq_(None, _clean_next_url(r))
@mock.patch_object(Site.objects, 'get_current')
def test_login_invalid_next_parameter(self, get_current):
'''Test with an invalid ?next=http://example.com parameter.'''
get_current.return_value.domain = 'testserver.com'
valid_next = reverse('home', locale=settings.LANGUAGE_CODE)
for invalid_next in self._invalid_nexts():
# Verify that _valid_ next parameter is set in form hidden field.
response = self.client.get(
urlparams(reverse('users.login'), next=invalid_next))
eq_(200, response.status_code)
doc = pq(response.content)
eq_(valid_next, doc('input[name="next"]')[0].attrib['value'])
# Verify that it gets used on form POST.
response = self.client.post(
reverse('users.login'), {
'username': '******',
'password': '******',
'next': invalid_next
})
eq_(302, response.status_code)
eq_('http://testserver' + valid_next, response['location'])
self.client.logout()
def _invalid_nexts(self):
return ['http://foobar.com/evil/', '//goo.gl/y-bad']
