Ticket #10899: 10899.r16527.diff

django/test/client.py

@@ -345 +345 @@
         super(Client, self).__init__(**defaults)
         self.handler = ClientHandler(enforce_csrf_checks)
         self.exc_info = None
+        self._session_store = None
 
     def store_exc_info(self, **kwargs):
         """
@@ -356 +357 @@
         """
         Obtains the current session variables.
         """
+        if self._session_store:
+            return self._session_store
+
         if 'django.contrib.sessions.middleware.SessionMiddleware' in settings.MIDDLEWARE_CLASSES:
             engine = import_module(settings.SESSION_ENGINE)
-            cookie = self.cookies.get(settings.SESSION_COOKIE_NAME, None)
+            cookie = self.cookies.get(settings.SESSION_COOKIE_NAME)
             if cookie:
-                return engine.SessionStore(cookie.value)
-        return {}
+                session_store = engine.SessionStore(cookie.value)
+            else:
+                session_store = engine.SessionStore()
+                session_store.save()
+                self.cookies[settings.SESSION_COOKIE_NAME] = \
+                     session_store.session_key
+            self._session_store = session_store
+            return session_store
+        else:
+           return {}
     session = property(_session)
 
-
     def request(self, **request):
         """
         The master request method. Composes the environment dictionary
@@ -374 +385 @@
         """
         environ = self._base_environ(**request)
 
+        if self._session_store:
+            if getattr(self._session_store, "modified"):
+                self._session_store.save()
+
+            if 'django.contrib.sessions.middleware.SessionMiddleware' in settings.MIDDLEWARE_CLASSES:
+                # Update the session cookie since the session key can change
+                # due to login or logout and force the session to be reloaded
+                # on next access.
+                self.cookies[settings.SESSION_COOKIE_NAME] = \
+                    self._session_store.session_key
+                self._session_store = None
+
         # Curry a data dictionary into an instance of the template renderer
         # callback function.
         data = {}
@@ -505 +528 @@
         user = authenticate(**credentials)
         if user and user.is_active \
                 and 'django.contrib.sessions.middleware.SessionMiddleware' in settings.MIDDLEWARE_CLASSES:
-            engine = import_module(settings.SESSION_ENGINE)
 
             # Create a fake request to store login details.
             request = HttpRequest()
-            if self.session:
-                request.session = self.session
-            else:
-                request.session = engine.SessionStore()
+            request.session = self.session
             login(request, user)
 
             # Save the session values.
@@ -545 +564 @@
         if session_cookie:
             session.delete(session_key=session_cookie.value)
         self.cookies = SimpleCookie()
+        self._session_store = None
 
     def _handle_redirects(self, response, **extra):
         "Follows any redirects by requesting responses from the server using GET."

docs/topics/testing.txt

@@ -1001 +1001 @@
     A dictionary-like object containing session information. See the
     :doc:`session documentation</topics/http/sessions>` for full details.
 
-    To modify the session and then save it, it must be stored in a variable
-    first (because a new ``SessionStore`` is created every time this property
-    is accessed)::
+.. versionadded:: 1.4
+
+    Similar to normal Django sessions, you can manipulate sessions directly.
+    The modified values will be saved on subsequent requests.
 
         def test_something(self):
-            session = self.client.session
-            session['somekey'] = 'test'
-            session.save()
+            self.client.session['somekey'] = value
+            self.client.session['anotherkey'] = value
 
 .. _Cookie module documentation: http://docs.python.org/library/cookie.html
 

tests/regressiontests/test_client_regress/models.py

@@ -704 +704 @@
         self.assertEqual(response.status_code, 200)
         self.assertEqual(response.content, 'YES')
 
+    def test_session_manipulation(self):
+        # Check that the session can be edited as documented before #10899.
+        session = self.client.session
+        session["session_var"] = "foo"
+        session.save()
+
+        response = self.client.get('/test_client_regress/check_session/')
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.content, 'foo')
+
+    def test_direct_session_manipulation(self):
+        # Add a value to the session
+        self.client.session['session_var'] = 'bar'
+        self.assertEqual(self.client.session['session_var'], 'bar')
+
+        # Check that the session has been modified
+        response = self.client.get('/test_client_regress/check_session/')
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.content, 'bar')
+
+        # Check that the session variable persists over login
+        # when cycle_key() is called
+        self.client.login(username='testclient', password='password')
+        self.assertEqual(self.client.session['session_var'], 'bar')
+
+        response = self.client.get('/test_client_regress/check_session/')
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.content, 'bar')
+
+        # Check that new session is started after logout
+        self.client.logout()
+        self.assertEqual(self.client.session.get('session_var'), None)
+
     def test_logout(self):
         """Logout should work whether the user is logged in or not (#9978)."""
         self.client.logout()
@@ -712 +745 @@
         self.client.logout()
         self.client.logout()
 
+
 class RequestMethodTests(TestCase):
     def test_get(self):
         "Request a view via request method GET"