def _test_redirect_uri_grant_combination(self, redirect_uris, grant_type, is_valid): doc = User.objects.get(username='******') common_fields = { 'authorization_grant_type': grant_type, 'redirect_uris': redirect_uris, } application = self.create_oauth_application(user=doc) # This should always succeed. super(Application, application).clean() form = ApplicationChangeForm( data=dict(model_to_dict(application), **common_fields), instance=application, ) self.assertEqual(form.is_valid(), is_valid) application = Application(user=doc, **common_fields) # Ensure that the error cases of AbstractApplication.clean() matches # our implementation. if is_valid: super(Application, application).clean() else: self.assertIn('redirect_uris', form.errors) with self.assertRaises(ValidationError): super(Application, application).clean()
def test_enable_disabled_for_security(self): """Testing ApplicationChangeForm will not enable an application disabled for security """ local_site = LocalSite.objects.get(pk=1) admin = User.objects.get(username='******') owner = User.objects.get(username='******') local_site.users.remove(owner) application = self.create_oauth_application(user=admin, local_site=local_site, enabled=False, original_user=owner) self.assertTrue(application.is_disabled_for_security) self.assertEqual(application.original_user, owner) form = ApplicationChangeForm( data=dict(model_to_dict(application), enabled=True), instance=application, ) self.assertFalse(form.is_valid()) self.assertEqual(form.non_field_errors(), [ApplicationCreationForm.DISABLED_FOR_SECURITY_ERROR])
def test_reassign_client_secret(self): """Testing ApplicationChangeForm cannot re-assign client_secret""" user = User.objects.get(username='******') application = self.create_oauth_application(user) original_secret = application.client_secret form = ApplicationChangeForm( data=dict( model_to_dict(instance=application, fields=ApplicationChangeForm.base_fields, exclude=('client_id', 'client_secret')), client_secret='bar', ), instance=application, ) form.is_valid() self.assertTrue(form.is_valid()) application = form.save() self.assertEqual(application.client_secret, original_secret)
def test_reassign_client_secret(self): """Testing ApplicationChangeForm cannot re-assign client_secret""" user = User.objects.get(username='******') application = self.create_oauth_application(user) original_secret = application.client_secret form = ApplicationChangeForm( data=dict( model_to_dict( instance=application, fields=ApplicationChangeForm.base_fields, exclude=('client_id', 'client_secret') ), client_secret='bar', ), instance=application, ) form.is_valid() self.assertTrue(form.is_valid()) application = form.save() self.assertEqual(application.client_secret, original_secret)