Feature request: user keyword argument for the click() method

Issue #20 new
Laurent Payot
created an issue

As a bug (#19) prevents me from setting REMOTE_USER once for all I have to add the keyword argument user='my_superuser' everytime I use the get() or follow() methods to access some limited access pages. Unfortunately the click() method does not have this user keyword argument and when I use it to click on a link django-webtest follows the link without being authenticated and I'm redirected to the login page. Even if #19 is fixed the click() user argument would be a nice feature.

Comments (6)

  1. Mikhail Korobov repo owner

    This is strange because to use .click you must get a response first, and if this response is from an authenticated request then .click should also result in authenticated request.

    Can you confirm that you're using '.click' for response that came from authenticated request?

  2. Laurent Payot reporter

    Here's how I was using click() before I started using WEBTEST_USER to fix it:

    def test012_media_edit_link_present_if_superuser(self):
        # media --> 301 --> book
        detail = self.app.get(reverse('www:media-detail', kwargs={'pk': "1"}), user='laurent'
                                      ).follow(user='laurent')
        # Click is done as an unlogged user --> 302 --> login page
        # using user='laurent' in follow() does'nt help, still can't access edit page.
        response = detail.click("Edit").follow(user='laurent')
        self.assertContains(response, "login into your account")
    
  3. Mikhail Korobov repo owner

    Could you try this?

    def test012_media_edit_link_present_if_superuser(self):
        # media --> 301 --> book
        url = reverse('www:media-detail', kwargs={'pk': "1"})
        detail = self.app.get(url, user='laurent').follow()
        response = detail.click("Edit").follow()
        self.assertContains(response, "login into your account")
    

    Generally, 'user' parameter should be used once, there is no need to write detail = self.app.get(url, user='laurent').follow(user='laurent') because requests issued from self.app.get(url, user='laurent') should be already authenticated.

    I don't understand why your example fails though. Maybe it fails because django's auth invalidates session on login and you used it for something.

  4. Laurent Payot reporter

    I tried your code. It still fails to authenticate. I checked with detail.showbrowser() and the displayed page is definitely a non-authenticated version of the page. Don't know what's going on internally but I'm happy using WEBTEST_USER for now so it's not a very big deal for me.

  5. Log in to comment