Ticket #4617: django-auth-decorators-plus-tests.diff

File django-auth-decorators-plus-tests.diff, 3.4 KB (added by ctrochalakis, 17 years ago)

django-auth-decorators+tests

  • django/contrib/auth/decorators.py

    diff --git a/django/contrib/auth/decorators.py b/django/contrib/auth/decorators.py
    index f3f7f53..d1d69cd 100644
    a b  
    11from django.contrib.auth import REDIRECT_FIELD_NAME
    2 from django.http import HttpResponseRedirect
     2from django.http import HttpResponseRedirect, HttpResponseForbidden
    33from django.utils.http import urlquote
    44
    55def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
    class _CheckLogin(object):  
    6060    def __call__(self, request, *args, **kwargs):
    6161        if self.test_func(request.user):
    6262            return self.view_func(request, *args, **kwargs)
    63         path = urlquote(request.get_full_path())
    64         tup = self.login_url, self.redirect_field_name, path
    65         return HttpResponseRedirect('%s?%s=%s' % tup)
     63        elif not request.user.is_authenticated():
     64            path = urlquote(request.get_full_path())
     65            tup = self.login_url, self.redirect_field_name, path
     66            return HttpResponseRedirect('%s?%s=%s' % tup)
     67        else:
     68            return HttpResponseForbidden('<h1>Permission denied</h1>')
     69
  • django/test/testcases.py

    diff --git a/django/test/testcases.py b/django/test/testcases.py
    index 1d65ee1..04246af 100644
    a b class TestCase(unittest.TestCase):  
    101101             " (expected %d)") %
    102102                 (path, redirect_response.status_code, target_status_code))
    103103
     104    def assertStatusCode(self, response, status_code):
     105        """Asserts that a response had a scecific status code."""
     106        self.assertEqual(response.status_code, status_code,
     107            ("Wrong status code: Response code was %d"
     108             " (expected %d)" % (response.status_code, status_code)))
     109
    104110    def assertContains(self, response, text, count=None, status_code=200):
    105111        """
    106112        Asserts that a response indicates that a page was retreived
  • tests/modeltests/test_client/models.py

    diff --git a/tests/modeltests/test_client/models.py b/tests/modeltests/test_client/models.py
    index 1a6e1bd..fb48e52 100644
    a b class ClientTest(TestCase):  
    325325        login = self.client.login(username='testclient', password='password')
    326326        self.failUnless(login, 'Could not log in')
    327327
    328         # Log in with wrong permissions. Should result in 302.
     328        # Log in with wrong permissions. Should result in 403 (Forbidden).
    329329        response = self.client.get('/test_client/permission_protected_view/')
    330         self.assertRedirects(response, 'http://testserver/accounts/login/?next=/test_client/permission_protected_view/')
     330        self.assertStatusCode(response, 403)
    331331
    332332        # TODO: Log in with right permissions and request the page again
    333333
    class ClientTest(TestCase):  
    342342        login = self.client.login(username='testclient', password='password')
    343343        self.failUnless(login, 'Could not log in')
    344344
    345         # Log in with wrong permissions. Should result in 302.
     345        # Log in with wrong permissions. Should result in 403 (Forbidden).
    346346        response = self.client.get('/test_client/permission_protected_method_view/')
    347         self.assertRedirects(response, 'http://testserver/accounts/login/?next=/test_client/permission_protected_method_view/')
     347        self.assertStatusCode(response, 403)
    348348
    349349        # TODO: Log in with right permissions and request the page again
    350350
Back to Top