def test_non_view_callable_raises_no_reverse_match(self):
"""
Tests that passing a non-view callable into ``resolve_url`` raises a
``NoReverseMatch`` exception.
"""
with self.assertRaises(NoReverseMatch):
resolve_url(lambda: "asdf")
def test_resolve_url__non_view_callable_raises_no_reverse_match(self):
"""
Tests that passing a non-view callable into ``resolve_url`` raises a
``NoReverseMatch`` exception.
"""
with self.assertRaises(NoReverseMatch):
resolve_url(lambda: 'asdf')
def test_resolve_url__relative_path(self):
"""
Tests that passing a relative URL path to ``resolve_url`` will result
in the same url.
"""
self.assertEqual('../', resolve_url('../'))
self.assertEqual('../relative/', resolve_url('../relative/'))
self.assertEqual('./', resolve_url('./'))
self.assertEqual('./relative/', resolve_url('./relative/'))
def test_relative_path(self):
"""
Tests that passing a relative URL path to ``resolve_url`` will result
in the same url.
"""
self.assertEqual("../", resolve_url("../"))
self.assertEqual("../relative/", resolve_url("../relative/"))
self.assertEqual("./", resolve_url("./"))
self.assertEqual("./relative/", resolve_url("./relative/"))
def test_resolve_url__valid_view_name(self):
"""
Tests that passing a view function to ``resolve_url`` will result in
the URL path mapping to that view.
"""
resolved_url = resolve_url('django.contrib.auth.views.logout')
self.assertEqual('/accounts/logout/', resolved_url)
def test_resolve_url__full_url(self):
"""
Tests that passing a full URL to ``resolve_url`` will result in the
same url.
"""
url = 'http://example.com/'
self.assertEqual(url, resolve_url(url))
def release_hijack(request):
hijack_history = request.session.get('hijack_history', False)
if not hijack_history:
raise PermissionDenied
if hijack_history:
user_pk = hijack_history.pop()
user = get_object_or_404(get_user_model(), pk=user_pk)
backend = get_used_backend(request)
user.backend = "%s.%s" % (backend.__module__,
backend.__class__.__name__)
login(request, user)
if hijack_history:
request.session['hijack_history'] = hijack_history
request.session['is_hijacked_user'] = True
else:
try:
del request.session['hijack_history']
del request.session['is_hijacked_user']
except KeyError:
pass
request.session.modified = True
redirect_to = request.GET.get(
'next',
getattr(settings, 'REVERSE_HIJACK_LOGIN_REDIRECT_URL',
getattr(settings, 'LOGIN_REDIRECT_URL', '/')))
return HttpResponseRedirect(resolve_url(redirect_to))
def release_hijack(request):
hijack_history = request.session.get('hijack_history', False)
if not hijack_history:
raise PermissionDenied
if hijack_history:
user_pk = hijack_history.pop()
user = get_object_or_404(get_user_model(), pk=user_pk)
backend = get_backends()[0]
user.backend = "%s.%s" % (backend.__module__,
backend.__class__.__name__)
login(request, user)
if hijack_history:
request.session['hijack_history'] = hijack_history
request.session['is_hijacked_user'] = True
else:
try:
del request.session['hijack_history']
del request.session['is_hijacked_user']
except KeyError:
pass
request.session.modified = True
redirect_to = request.GET.get('next',
getattr(settings,
'REVERSE_HIJACK_LOGIN_REDIRECT_URL',
getattr(settings,
'LOGIN_REDIRECT_URL', '/')))
return HttpResponseRedirect(resolve_url(redirect_to))
def test_view_function(self):
"""
Tests that passing a view name to ``resolve_url`` will result in the
URL path mapping to that view name.
"""
resolved_url = resolve_url(logout)
self.assertEqual("/accounts/logout/", resolved_url)
def test_model(self):
"""
Tests that passing a model to ``resolve_url`` will result in
``get_absolute_url`` being called on that model instance.
"""
m = UnimportantThing(importance=1)
self.assertEqual(m.get_absolute_url(), resolve_url(m))
def test_full_url(self):
"""
Tests that passing a full URL to ``resolve_url`` will result in the
same url.
"""
url = "http://example.com/"
self.assertEqual(url, resolve_url(url))
def test_resolve_url__model(self):
"""
Tests that passing a model to ``resolve_url`` will result in
``get_absolute_url`` being called on that model instance.
"""
m = UnimportantThing(importance=1)
self.assertEqual(m.get_absolute_url(), resolve_url(m))
def test_resolve_url__view_function(self):
"""
Tests that passing a view name to ``resolve_url`` will result in the
URL path mapping to that view name.
"""
resolved_url = resolve_url(logout)
self.assertEqual('/accounts/logout/', resolved_url)
def test_valid_view_name(self):
"""
Tests that passing a view function to ``resolve_url`` will result in
the URL path mapping to that view.
"""
resolved_url = resolve_url("django.contrib.auth.views.logout")
self.assertEqual("/accounts/logout/", resolved_url)
def redirect_to_next(request, default_url=hijack_settings.HIJACK_LOGIN_REDIRECT_URL):
redirect_to = request.GET.get('next', '')
# is_safe_url's allowed_hosts keyword was added in Django 1.11, and became required in 2.1:
is_safe_url_kwargs = {}
if django.VERSION >= (1, 11):
is_safe_url_kwargs['allowed_hosts'] = {request.get_host()}
if not is_safe_url(redirect_to, **is_safe_url_kwargs):
redirect_to = default_url
return HttpResponseRedirect(resolve_url(redirect_to))
def login_user(request, user):
''' hijack mechanism '''
hijack_history = [request.user.pk]
if request.session.get('hijack_history'):
hijack_history = request.session['hijack_history'] + hijack_history
check_hijack_permission(request, user)
backend = get_used_backend(request)
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
login(request, user)
post_superuser_login.send(sender=None, user_id=user.pk)
request.session['is_hijacked_user'] = True
request.session['hijack_history'] = hijack_history
request.session.modified = True
redirect_to = request.GET.get(
'next',
getattr(settings, 'HIJACK_LOGIN_REDIRECT_URL',
getattr(settings, 'LOGIN_REDIRECT_URL', '/')))
return HttpResponseRedirect(resolve_url(redirect_to))
def login_user(request, user):
''' hijack mechanism '''
hijack_history = [request.user.pk]
if request.session.get('hijack_history'):
hijack_history = request.session['hijack_history'] + hijack_history
check_hijack_permission(request, user)
backend = get_backends()[0]
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
login(request, user)
post_superuser_login.send(sender=None, user_id=user.pk)
request.session['is_hijacked_user'] = True
request.session['hijack_history'] = hijack_history
request.session.modified = True
redirect_to = request.GET.get('next',
getattr(settings,
'HIJACK_LOGIN_REDIRECT_URL',
getattr(settings,
'LOGIN_REDIRECT_URL', '/')))
return HttpResponseRedirect(resolve_url(redirect_to))
def disable_hijack_warning(request):
request.session['is_hijacked_user'] = False
return HttpResponseRedirect(resolve_url(request.GET.get('next', '/')))
def redirect_to_next(request,
default_url=hijack_settings.HIJACK_LOGIN_REDIRECT_URL):
redirect_to = request.GET.get('next', '')
if not is_safe_url(redirect_to):
redirect_to = default_url
return HttpResponseRedirect(resolve_url(redirect_to))
def test_domain(self):
"""
Tests that passing a domain to ``resolve_url`` returns the same domain.
"""
self.assertEqual(resolve_url("example.com"), "example.com")
def test_url_path(self):
"""
Tests that passing a URL path to ``resolve_url`` will result in the
same url.
"""
self.assertEqual("/something/", resolve_url("/something/"))
def redirect_to_next(request, default_url=hijack_settings.HIJACK_LOGIN_REDIRECT_URL):
redirect_to = request.GET.get('next', '')
if not is_safe_url(redirect_to):
redirect_to = default_url
return HttpResponseRedirect(resolve_url(redirect_to))
def test_resolve_url__domain(self):
"""
Tests that passing a domain to ``resolve_url`` returns the same domain.
"""
self.assertEqual(resolve_url('example.com'), 'example.com')
def test_resolve_url__url_path(self):
"""
Tests that passing a URL path to ``resolve_url`` will result in the
same url.
"""
self.assertEqual('/something/', resolve_url('/something/'))
