Add test for PUT with session auth+csrf

a99a449c · Tom Christie · 7a87fc87 · a99a449c
Commit a99a449c authored Jan 11, 2012 by Tom Christie
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 4 deletions

djangorestframework/tests/authentication.py
+11 -4

No files found.
--- a/djangorestframework/tests/authentication.py
+++ b/djangorestframework/tests/authentication.py
 from django.conf.urls.defaults import patterns
 from django.contrib.auth.models import User
-from django.contrib.auth import login
 from django.test import Client, TestCase
 from django.utils import simplejson as json
-from djangorestframework.compat import RequestFactory
 from djangorestframework.views import View
 from djangorestframework import permissions
@@ -14,8 +12,12 @@ import base64
 class MockView(View):
    permissions = ( permissions.IsAuthenticated, )
    def post(self, request):
-        return {'a':1, 'b':2, 'c':3}
+        return {'a': 1, 'b': 2, 'c': 3}
+    def put(self, request):
+        return {'a': 1, 'b': 2, 'c': 3}
 urlpatterns = patterns('',
    (r'^$', MockView.as_view()),
@@ -83,8 +85,13 @@ class SessionAuthTests(TestCase):
        response = self.non_csrf_client.post('/', {'example': 'example'})
        self.assertEqual(response.status_code, 200)
+    def test_put_form_session_auth_passing(self):
+        """Ensure PUTting form over session authentication with logged in user and CSRF token passes."""
+        self.non_csrf_client.login(username=self.username, password=self.password)
+        response = self.non_csrf_client.put('/', {'example': 'example'})
+        self.assertEqual(response.status_code, 200)
    def test_post_form_session_auth_failing(self):
        """Ensure POSTing form over session authentication without logged in user fails."""
        response = self.csrf_client.post('/', {'example': 'example'})
        self.assertEqual(response.status_code, 403)