How do I attach a Django Oscar basket that has been created in a unit test to the request object?
# views.py
from django.contrib.auth.mixins import LoginRequiredMixin
from rest_framework.response import Response
from rest_framework.views import APIView
class BasketAPIAddView(LoginRequiredMixin, APIView):
"""
Update basket via REST API.
"""
def delete(self, request, format=None):
#
# cannot access `request.basket` here
#
return Response({})
# tests.py
from django.contrib.auth import get_user_model
from django.urls import reverse
from oscar.test.factories import create_basket
from rest_framework.test import APITestCase
User = get_user_model()
class BasketAPITests(APITestCase):
"""
Basket view test cases.
"""
def test_remove_basket_line(self):
basket = create_basket()
basket.owner = User.objects.create_user('user', password='pass')
basket.save()
self.client.login(username='user', password='password')
self.client.delete(reverse('delete-basket'))
You can do something like:
from django.contrib.auth import get_user_model
from rest_framework import status
from rest_framework.test import APIRequestFactory
from oscar.test.factories import create_basket
User = get_user_model()
class BasketAPITests(APITestCase):
def test_remove_basket_line(self):
"""Check the method BasketAPIAddView.delete works as should."""
# Create the request, note the .delete which is the operation (BasketAPIAddView.delete)
request = APIRequestFactory().delete(reverse('<your url name>'))
# Create the basket
basket = create_basket()
basket.owner = User.objects.create_user('user', password='pass')
basket.save()
# Attach the basket to the request obj
request.basket = create_basket()
# Call the endpoint, with the proper request obj
response = BasketAPIAddView.as_view()(request)
# Some verifications
...
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
...
The key is to use a request factory and have the object at your will (adding what you need).
For more details you can take a look to https://www.django-rest-framework.org/api-guide/testing/
For normal requests oscar.apps.basket.middleware.BasketMiddleware adds the basket to the request, so it is possible you need to check the settings.MIDDLEWARE that your test project is using, or that the client provided by APITestCase is running middleware.
If you're developing an API you might also want to look at the way django-oscar-api handles session management and middleware.
Related
I have the following Decorator which works fine when applied to different views with: #otp_required(login_url='login') on my site:
Decorator
from django.contrib.auth.decorators import user_passes_test
from django_otp import user_has_device
from django_otp.conf import settings
def otp_required(view=None, redirect_field_name='next', login_url=None, if_configured=False):
"""
Similar to :func:`~django.contrib.auth.decorators.login_required`, but
requires the user to be :term:`verified`. By default, this redirects users
to :setting:`OTP_LOGIN_URL`.
:param if_configured: If ``True``, an authenticated user with no confirmed
OTP devices will be allowed. Default is ``False``.
:type if_configured: bool
"""
if login_url is None:
login_url = settings.OTP_LOGIN_URL
def test(user):
return user.is_verified() or (if_configured and user.is_authenticated and not user_has_device(user))
decorator = user_passes_test(test, login_url=login_url, redirect_field_name=redirect_field_name)
return decorator if (view is None) else decorator(view)
However, I’d like to convert this into a Middleware as I want to avoid having to apply a decorator to every view on my site, but not managed to get working.
I tried to amend the following Middleware which I currently have in place which is just for authorised users and has been working but as per above decorator I want this Middleware extended to also have OTP required as well:
Middleware
from django.utils.deprecation import MiddlewareMixin
from django.urls import resolve, reverse
from django.http import HttpResponseRedirect
from wfi_workflow import settings
from django_otp import user_has_device
from django_otp.decorators import otp_required
from django_otp.middleware import is_verified
class LoginRequiredMiddleware(MiddlewareMixin):
"""
Middleware that requires a user to be authenticated to view any page other
than LOGIN_URL. Exemptions to this requirement can optionally be specified
in settings by setting a tuple of routes to ignore
"""
##otp_required(login_url='login')
def process_request(self, request):
assert hasattr(request, 'user'), """
The Login Required middleware needs to be after AuthenticationMiddleware.
Also make sure to include the template context_processor:
'django.contrib.account.context_processors.account'."""
if not request.user.is_verified() and not request.path.startswith('/admin/') and not request.path.startswith('/account/' ):
current_route_name = resolve(request.path_info).url_name
if not current_route_name in settings.AUTH_EXEMPT_ROUTES:
return HttpResponseRedirect(reverse(settings.LOGIN_URL))
Help is much appreciated.
The fact that you return a HttpResponseRedirect will not work: Django's MiddlewareMixin will simply call the function to (optionally) alter the request, but it will never take the return into account.
What you can do is define middleware in a decorator-like structure, and return the HttpResponseRedirect in case the user should be authenticated with:
from django.urls import resolve, reverse
from django.http import HttpResponseRedirect
from wfi_workflow import settings
def OTPRequiredMiddleware(get_response):
"""
Middleware that requires a user to be authenticated to view any page other
than LOGIN_URL. Exemptions to this requirement can optionally be specified
in settings by setting a tuple of routes to ignore
"""
def middleware(request):
from django_otp import user_has_device
if not user.is_verified() and not (if_configured and user.is_authenticated and not user_has_device(user)):
return HttpResponseRedirect(settings.OTP_LOGIN_URL)
return get_response(request)
I have a flask app that uses flask security for authentication. I want to use graphql with graphene to fetch data but I'm having trouble accessing the current_user proxy which is I've always used to resolve requests. graphene only provides a customized pluggable view which is understandable but it can't access the current_user within the context of the app and therefore current_user reverts back to AnonymousUser.
here is some sample code
from flask import Flask, render_template, redirect, request
from flask_security import Security, SQLAlchemySessionUserDatastore, login_required, current_user, login_user
from flask_graphql import GraphQLView
import graphene
from graphene_sqlalchemy import SQLAlchemyConnectionField
from .models import UserModel, RoleModel, Todo, TodoModel
from .pipeline import session
app = Flask(__name__, template_folder="../templates", static_folder="../static")
app.config.from_object('core.pipeline.configs.DevConfig')
user_datastore = SQLAlchemySessionUserDatastore(session, UserModel, RoleModel)
security = Security(app, user_datastore)
#app.route('/')
#login_required
def index(path):
user = current_user
return render_template('index.html')
Main issue in your code is
app.add_url_rule('/graphql', view_func=graphql_view())
Where graphql_view() run during code load without any flask request context.
Please, try this code
class GraphQLViewCurrentUser(GraphQLView):
def get_context(self, request):
context = super().get_context(request)
context.update({'current_user': current_user})
return context
app.add_url_rule(
'/graphql', view_func=GraphQLViewCurrentUser.as_view(
'graphql', schema=schema, context={}, graphiql=True))
I can't work out how to test that a Django class-based view receives the expected kwargs from a URL pattern.
If I have my urls.py:
from django.conf.urls import url
from myapp import views
urlpatterns = [
# ...
url(
regex=r"^people/(?P<pk>\d+)/$",
view=views.PersonDetailView.as_view(),
name='person_detail'
),
]
And my views.py:
from django.views.generic import DetailView
from myapp.models import Person
class PersonDetailView(DetailView):
model = Person
I can test that a request to the URL calls the correct view like this:
from django.test import TestCase
from django.urls import resolve
from myapp import views
from myapp.factories import PersonFactory
class UrlsTestCase(TestCase):
def test_person_detail_view(self):
PersonFactory(pk=3)
self.assertEqual(resolve('/people/3/').func.__name__,
views.PersonDetailView.__name__)
But I'd also like to test that a request to /people/3/ results in {'pk': '3'} being passed to PersonDetailView, and I can't work out where in a class-based view receives the kwargs in order to test it (by patching the receiving method, I guess).
Here's how I checked the id or pk on my views (I'm using Django1.11):
from menus.models import Item
from menus.views import ItemListView
from django.test import RequestFactory
from django.contrib.auth.models import User
person = User.objects.get(username='ryan')
factory = RequestFactory()
request = factory.get('/items/')
request.user = person
response = ItemListView.as_view()(request)
#prints the id or pk of the requesting user
response._request.user.pk
response._request.user.id
I've created the tests folder, written my first test that should open a browser, point to a page and login, then go to home page.
Test run and fail, as expected, but I can't find out why.
browser should be available, pytest-selenium is installed by pip.
import pytest
from django.contrib.auth.models import Group, Permission, User
from django.test import TestCase, RequestFactory
class CreaPageTest(TestCase):
def setUp(self):
self.factory = RequestFactory()
def test_homepage(self):
request = self.client.get('/new')
request.user = self.user
self.assertEqual(request.status_code, 200)
def test_login(self):
request = self.client.get('/per/login')
username_field = self.browser.find_element_by_name('username')
username_field.send_keys('peppa')
password_field = self.browser.find_element_by_name('password')
password_field.send_keys('pig')
password_field.send_keys(Keys.RETURN)
test_homepage()
> username_field = self.browser.find_element_by_name('username')
E AttributeError: 'CreaPageTest' object has no attribute 'browser'
tests/test_ore_app_views.py:27: AttributeError
what am I missing?
Any advice to examples of this kind of test is really appreciated.
You should configure self.browser inside setUp function. You are also missing an import for Keys. Code should be like this.
import pytest
from selenium import webdriver
from selenium.webdriver.common.keys import Keys
from django.contrib.auth.models import Group, Permission, User
from django.test import TestCase, RequestFactory
class CreaPageTest(TestCase):
def setUp(self):
self.factory = RequestFactory()
self.browser = webdriver.Firefox()
Also please refer to the docs, here http://selenium-python.readthedocs.org/getting-started.html
I'm trying to access the request.user object when testing my app using django's client class.
from django.test import TestCase
from django.test.client import Client
class SomeTestCase(TestCase):
def setUp(self):
self.client = Client()
self.client.login( username="foo", password="bar")
def test_one(self):
response = self.client.get("/my_profile/")
self.fail( response.request.user )
This will obviously fail, but it fails because response.request doesn't have a user attribute.
AttributeError: 'dict' object has no attribute 'user'
Is there any way to access the user object from the client instance? I want to do this in order to check if some test user's data is properly rendered. I can try to tackle this by setting up all the necessary info during setUp, but before I do that I wanted to check if I'm not just missing something.
This may seem a roundabout way of doing it but it can be useful.
Use RequestFactory, its pretty straightforward. It imitates the request object.
from django.test import TestCase, RequestFactory
from django.test.client import Client
from django.contrib.auth.models import User
class SomeTestCase(TestCase):
def setUp(self):
self.client = Client()
self.factory = RequestFactory()
self.user = User.objects.create_user(
username='foo', email='foo#bar',
password='bar')
def test_one(self):
self.client.login( username="foo", password="bar")
request = self.factory.get("/my_profile/")
request.user = self.user
#rest of your code
def tearDown(self):
self.user.delete()
I hope that was helpful.
Use response.context['user'].
User is automatically available in the template context if you use RequestContext. See auth data in templates doc.
Otherwise i believe you should just query it:
def test_one(self):
response = self.client.get("/my_profile/")
user = User.objects.get(username="foo")
self.fail( user.some_field == False )