id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux 30135 PermissionDenied Exception not catched HamburgerJungeJr nobody "I'm using the testclient to verfiy that only users with proper permissions can access a view. Until Django 2.0.10 I could use the following like it is described in the documentation (https://docs.djangoproject.com/en/2.0/topics/testing/tools/#exceptions) {{{ class ReportTestMethods(TestCase): def setUp(self): # Create user user = User.objects.create_user('temp', 'temp@temp.tld', 'temppass') user.first_name = 'temp_first' user.last_name = 'temp_last' user.save() # login with user self.client.login(username='temp', password='temppass') # Create tempdir temp_dir = mkdtemp() settings.MEDIA_ROOT = temp_dir # Create report report = Report.objects.create(name='test', model='MEM', jsonql_query='members', report=SimpleUploadedFile('report.jrxml', bytes('Test', 'utf-8'))) report.save() def test_report_list_permission(self): ""User should only access report list if view permission is set"" user = User.objects.get(username='temp') response = self.client.get(reverse('reporting:list')) print(response.status_code) self.assertEqual(response.status_code, 403) user.user_permissions.add(Permission.objects.get(codename='view_report')) response = self.client.get(reverse('reporting:list')) self.assertEqual(response.status_code, 200) }}} After updating to 2.1 the test raises the following exception {{{ Creating test database for alias 'default'... System check identified no issues (0 silenced). WARNING:django.request:Forbidden (Permission denied): /de/reporting/ Traceback (most recent call last): File ""/home/***/.virtualenvs/pyVerein/lib/python3.6/site-packages/django/core/handlers/exception.py"", line 34, in inner response = get_response(request) File ""/home/***/.virtualenvs/pyVerein/lib/python3.6/site-packages/django/core/handlers/base.py"", line 126, in _get_response response = self.process_exception_by_middleware(e, request) File ""/home/***/.virtualenvs/pyVerein/lib/python3.6/site-packages/django/core/handlers/base.py"", line 124, in _get_response response = wrapped_callback(request, *callback_args, **callback_kwargs) File ""/home/***/.virtualenvs/pyVerein/lib/python3.6/site-packages/django/views/generic/base.py"", line 68, in view return self.dispatch(request, *args, **kwargs) File ""/home/***/.virtualenvs/pyVerein/lib/python3.6/site-packages/django/contrib/auth/mixins.py"", line 52, in dispatch return super().dispatch(request, *args, **kwargs) File ""/home/***/.virtualenvs/pyVerein/lib/python3.6/site-packages/django/contrib/auth/mixins.py"", line 84, in dispatch return self.handle_no_permission() File ""/home/***/.virtualenvs/pyVerein/lib/python3.6/site-packages/django/contrib/auth/mixins.py"", line 43, in handle_no_permission raise PermissionDenied(self.get_permission_denied_message()) django.core.exceptions.PermissionDenied 403 . }}} The documentation still states that PermissionDenied exception will not be visible to the client. (https://docs.djangoproject.com/en/2.1/topics/testing/tools/#exceptions) " Bug closed Testing framework 2.1 Normal invalid Unreviewed 0 0 0 0 0 0