1
from django.test import TestCase
2
from django.core import signing
3
from django.core.exceptions import SuspiciousOperation
4
from django.http import HttpResponse
6
from django.contrib.auth.tests.utils import skipIfCustomUser
7
from django.contrib.formtools.wizard.storage.cookie import CookieStorage
8
from django.contrib.formtools.tests.wizard.storage import get_request, TestStorage
12
class TestCookieStorage(TestStorage, TestCase):
13
def get_storage(self):
16
def test_manipulated_cookie(self):
17
request = get_request()
18
storage = self.get_storage()('wizard1', request, None)
20
cookie_signer = signing.get_cookie_signer(storage.prefix)
22
storage.request.COOKIES[storage.prefix] = cookie_signer.sign(
23
storage.encoder.encode({'key1': 'value1'}))
25
self.assertEqual(storage.load_data(), {'key1': 'value1'})
27
storage.request.COOKIES[storage.prefix] = 'i_am_manipulated'
28
self.assertRaises(SuspiciousOperation, storage.load_data)
30
def test_reset_cookie(self):
31
request = get_request()
32
storage = self.get_storage()('wizard1', request, None)
34
storage.data = {'key1': 'value1'}
36
response = HttpResponse()
37
storage.update_response(response)
39
cookie_signer = signing.get_cookie_signer(storage.prefix)
40
signed_cookie_data = cookie_signer.sign(storage.encoder.encode(storage.data))
41
self.assertEqual(response.cookies[storage.prefix].value, signed_cookie_data)
44
storage.update_response(response)
45
unsigned_cookie_data = cookie_signer.unsign(response.cookies[storage.prefix].value)
46
self.assertJSONEqual(unsigned_cookie_data,
47
{"step_files": {}, "step": None, "extra_data": {}, "step_data": {}})