def test_custom_form(self):
_old_form = settings.FORM
settings.FORM = 'lockdown.tests.forms.CustomLockdownForm'
middleware._default_form = middleware.get_lockdown_form(settings.FORM)
try:
response = self.client.post(self.locked_url, {'answer': '42'},
follow=True)
self.assertContains(response, self.locked_contents)
finally:
settings.FORM = _old_form
middleware._default_form = middleware.get_lockdown_form(
settings.FORM)
def test_custom_form(self):
"""Test if access using a custom lockdown form works."""
_old_form = settings.FORM
settings.FORM = 'lockdown.tests.forms.CustomLockdownForm'
middleware._default_form = middleware.get_lockdown_form(settings.FORM)
try:
response = self.client.post(self.locked_url, {'answer': '42'},
follow=True)
self.assertEqual(response.content, self.locked_contents)
finally:
settings.FORM = _old_form
middleware._default_form = middleware.get_lockdown_form(
settings.FORM)
def test_custom_form(self):
"""Test if access using a custom lockdown form works."""
_old_form = settings.FORM
settings.FORM = 'lockdown.tests.forms.CustomLockdownForm'
middleware._default_form = middleware.get_lockdown_form(settings.FORM)
try:
response = self.client.post(self.locked_url, {'answer': '42'},
follow=True)
self.assertEqual(response.content, self.locked_contents)
finally:
settings.FORM = _old_form
middleware._default_form = middleware.get_lockdown_form(
settings.FORM)
def setUp(self):
"""Basic setup for all tests."""
self._old_pw = settings.PASSWORDS
settings.PASSWORDS = ('letmein',)
self._old_form = settings.FORM
settings.FORM = 'lockdown.forms.LockdownForm'
middleware._default_form = middleware.get_lockdown_form(settings.FORM)
def setUp(self):
"""Basic setup for all tests."""
self._old_pw = settings.PASSWORDS
settings.PASSWORDS = ('letmein',)
self._old_form = settings.FORM
settings.FORM = 'lockdown.forms.LockdownForm'
middleware._default_form = middleware.get_lockdown_form(settings.FORM)
def setUp(self):
self._old_middleware_classes = django_settings.MIDDLEWARE_CLASSES
self._old_template_dirs = django_settings.TEMPLATE_DIRS
django_settings.TEMPLATE_DIRS = [os.path.join(
os.path.dirname(os.path.realpath(__file__)), 'templates')]
self._old_pw = settings.PASSWORDS
settings.PASSWORDS = ('letmein',)
self._old_form = settings.FORM
settings.FORM = 'lockdown.forms.LockdownForm'
middleware._default_form = middleware.get_lockdown_form(settings.FORM)
def tearDown(self):
django_settings.MIDDLEWARE_CLASSES = self._old_middleware_classes
django_settings.TEMPLATE_DIRS = self._old_template_dirs
settings.PASSWORDS = self._old_pw
settings.FORM = self._old_form
middleware._default_form = middleware.get_lockdown_form(settings.FORM)
def tearDown(self):
"""Tearing down all settings made for the tests after running them."""
settings.PASSWORDS = self._old_pw
settings.FORM = self._old_form
middleware._default_form = middleware.get_lockdown_form(settings.FORM)
def process_request(self, request):
if 'HTTP_X_LOCKDOWN' not in request.META:
return None
try:
session = request.session
except AttributeError:
raise ImproperlyConfigured('django-lockdown requires the Django '
'sessions framework')
# Don't lock down if the URL matches an exception pattern.
if self.url_exceptions:
url_exceptions = compile_url_exceptions(self.url_exceptions)
else:
url_exceptions = compile_url_exceptions(
lockdown_settings.URL_EXCEPTIONS)
for pattern in url_exceptions:
if pattern.search(request.path):
return None
# Don't lock down if outside of the lockdown dates.
if self.until_date is None:
until_date = lockdown_settings.UNTIL_DATE
else:
until_date = self.until_date
if self.after_date is None:
after_date = lockdown_settings.AFTER_DATE
else:
after_date = self.after_date
if until_date or after_date:
locked_date = False
if until_date and datetime.datetime.now() < until_date:
locked_date = True
if after_date and datetime.datetime.now() > after_date:
locked_date = True
if not locked_date:
return None
passwords = (request.META['HTTP_X_LOCKDOWN'], )
form_data = request.method == 'POST' and request.POST or None
if self.form:
form_class = self.form
else:
form_class = get_lockdown_form(lockdown_settings.FORM)
form = form_class(passwords=passwords,
data=form_data,
**self.form_kwargs)
authorized = False
token = session.get(self.session_key)
if hasattr(form, 'authenticate'):
if form.authenticate(token):
authorized = True
elif token is True:
authorized = True
if authorized and self.logout_key and self.logout_key in request.GET:
if self.session_key in session:
del session[self.session_key]
url = request.path
querystring = request.GET.copy()
del querystring[self.logout_key]
if querystring:
url = '%s?%s' % (url, querystring.urlencode())
return self.redirect(request)
# Don't lock down if the user is already authorized for previewing.
if authorized:
return None
if form.is_valid():
if hasattr(form, 'generate_token'):
token = form.generate_token()
else:
token = True
session[self.session_key] = token
return self.redirect(request)
page_data = {'until_date': until_date, 'after_date': after_date}
if not hasattr(form, 'show_form') or form.show_form():
page_data['form'] = form
response = render_to_response('lockdown/form.html', page_data)
response.status_code = 401
return response
def tearDown(self):
"""Tearing down all settings made for the tests after running them."""
settings.PASSWORDS = self._old_pw
settings.FORM = self._old_form
middleware._default_form = middleware.get_lockdown_form(settings.FORM)
