contrib.auth.tests.context_processors.AuthContextProcessorTests.test_session_not_accessed fails when project loads other middleware that access the session.
|Reported by:||Jim Dalton||Owned by:||Aymeric Augustin|
|Cc:||Jim Dalton, calvinx, dev@…||Triage Stage:||Ready for checkin|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
AuthContextProcessorTests.test_session_not_accessed()tests whether the session is accessed when a template is loaded but the auth context processor is not actually accessed in the template. Presumably it's a test that ensures unnecessary session access is avoided.
However, if you have middleware eanbled that access the session at some point in the request cycle, then request.session.accessed will be True going into the test and the test will fail -- even though the code being exercised did not actually hit the session.
As I understand it, the context processors in auth were not actually running until very recently (thanks to r16304), and I"m not sure when this test was actually introduced. I don't have an easy fix for it though. I thought setting request.session.accessed to False prior to calling
auth.tests.urls.auth_processor_no_attr_access() would do the trick -- but that just sets up a false pass. If you set it the same way in
auth.tests.urls.auth_processor_attr_access() then *that* test fails because it checks out to be False.
Does this test have to run in every project? Can it be moved to the main test suite instead of having it be part of the application tests? I'm sure it's valuable to ensure the session is not hit if the context processor is not accessed, but I'm not convinced this behavior will be influenced by any project specific code, so I'm thinking the main test suite is a better place for it. It's definitely a problem to have a test failure in contrib.auth solely because you have middleware that accesses the session.
Change History (22)
comment:12 Changed 5 years ago by
|Triage Stage:||Accepted → Ready for checkin|