def mask(request):
"""
Disguise
"""
referer = request.META.get('HTTP_REFERER', '/')
form = DisguiseForm(request.POST or None)
if form.is_valid():
# if not hasattr(request,'original_user') or request.original_user is None:
if KEYNAME not in request.session:
request.original_user = request.user
request.session[KEYNAME] = request.original_user
# Okay, security checks complete. Log the user in.
new_user = form.get_user()
new_user.backend = 'django.contrib.auth.backends.ModelBackend'
# Change current user
request.session[SESSION_KEY] = new_user.id
request.session[BACKEND_SESSION_KEY] = new_user.backend
if hasattr(request, 'user'):
request.user = new_user
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if 'update_last_login' in form.cleaned_data:
request.user.last_login = datetime.datetime.now()
request.user.save()
return redirect(referer)
def disguise_widget(context):
request = context['request']
context.update({
'can_disguise': can_disguise(request),
'form': DisguiseForm(),
'original_user': getattr(request, 'original_user', None),
'disguise_user': request.user,
})
return context
def test_handle_invalid_username(regular_user):
form = DisguiseForm({'username': regular_user.username + '_not'})
assert not form.is_valid()
assert 'username' in form.errors
def test_form_invalid_everything():
form = DisguiseForm({})
assert not form.is_valid()
assert '__all__' in form.errors
def test_form_valid_when_correct_user_id(regular_user):
form = DisguiseForm({'user_id': regular_user.id})
assert form.is_valid()
def test_handle_valid_username(regular_user):
form = DisguiseForm({'username': regular_user.username})
assert form.is_valid()
def test_handle_invalid_user_id():
form = DisguiseForm({'user_id': 31337})
assert not form.is_valid()
assert 'user_id' in form.errors
def test_form_valid_when_correct_user_id(self):
form = DisguiseForm({'user_id': self.user.pk})
self.assertTrue(form.is_valid())
def test_form_invalid_when_wrong_user_id(self):
form = DisguiseForm({'user_id': 31337})
self.assertFalse(form.is_valid())
self.assertIn('user_id', form.errors)
def test_form_invalid_when_wrong_username(self):
form = DisguiseForm({'username': self.user.username + '_not'})
self.assertFalse(form.is_valid())
self.assertIn('username', form.errors)
def test_form_invalid_everything(self):
form = DisguiseForm({})
self.assertFalse(form.is_valid())
self.assertIn('__all__', form.errors)
def test_form_valid_when_correct_user_id(self):
form = DisguiseForm({'user_id': self.user.pk})
self.assertTrue(form.is_valid())
def test_form_invalid_when_wrong_user_id(self):
form = DisguiseForm({'user_id': 31337})
self.assertFalse(form.is_valid())
self.assertIn('user_id', form.errors)
def test_form_invalid_when_wrong_username(self):
form = DisguiseForm({'username': self.user.username + '_not'})
self.assertFalse(form.is_valid())
self.assertIn('username', form.errors)
def test_form_invalid_everything(self):
form = DisguiseForm({})
self.assertFalse(form.is_valid())
self.assertIn('__all__', form.errors)
