From 99807d0a1b32d49e8220f362fcdbb2dca78a2258 Mon Sep 17 00:00:00 2001 From: Nick Sandford Date: Fri, 23 Sep 2016 14:58:29 +0100 Subject: [PATCH] Fix #192 -- AXES_DISABLE_ACCESS_LOG doesn't work. --- axes/decorators.py | 3 +-- axes/tests.py | 20 +++++++++++++++++--- requirements.txt | 1 + 3 files changed, 19 insertions(+), 5 deletions(-) diff --git a/axes/decorators.py b/axes/decorators.py index 318c614..6c7cfa7 100644 --- a/axes/decorators.py +++ b/axes/decorators.py @@ -219,8 +219,7 @@ def watch_login(func): user_agent = request.META.get('HTTP_USER_AGENT', '')[:255] http_accept = request.META.get('HTTP_ACCEPT', '')[:1025] path_info = request.META.get('PATH_INFO', '')[:255] - if not getattr(settings, 'AXES_DISABLE_ACCESS_LOG', False) or \ - login_unsuccessful: + if login_unsuccessful or not DISABLE_ACCESS_LOG: AccessLog.objects.create( user_agent=user_agent, ip_address=get_ip(request), diff --git a/axes/tests.py b/axes/tests.py index 5aa1516..e2f7f8d 100644 --- a/axes/tests.py +++ b/axes/tests.py @@ -10,6 +10,7 @@ from django.contrib.auth.models import User from django.core.urlresolvers import NoReverseMatch from django.core.urlresolvers import reverse from django.utils import six +from mock import patch from axes.settings import COOLOFF_TIME from axes.settings import FAILURE_LIMIT @@ -212,7 +213,7 @@ class AccessAttemptTest(TestCase): self.test_failure_limit_once() self.assertEquals(scope.signal_received, 2) - @override_settings(AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP=True) + @patch('axes.decorators.LOCK_OUT_BY_COMBINATION_USER_AND_IP', True) def test_lockout_by_combination_user_and_ip(self): """Tests the login lock with a valid username and invalid password when AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP is True @@ -250,7 +251,7 @@ class AccessAttemptTest(TestCase): self.assertEquals(response.status_code, 403) self.assertEquals(response.get('Content-Type'), 'application/json') - @override_settings(AXES_DISABLE_ACCESS_LOG=True) + @patch('axes.decorators.DISABLE_ACCESS_LOG', True) def test_valid_logout_without_log(self): AccessLog.objects.all().delete() @@ -260,7 +261,7 @@ class AccessAttemptTest(TestCase): self.assertEquals(AccessLog.objects.all().count(), 0) self.assertContains(response, 'Logged out') - @override_settings(AXES_DISABLE_ACCESS_LOG=True) + @patch('axes.decorators.DISABLE_ACCESS_LOG', True) def test_non_valid_login_without_log(self): AccessLog.objects.all().delete() @@ -269,6 +270,19 @@ class AccessAttemptTest(TestCase): self.assertEquals(AccessLog.objects.all().count(), 1) + @patch('axes.decorators.DISABLE_ACCESS_LOG', True) + def test_valid_login_without_log(self): + """ + A valid login doesn't generate an access attempt when + `AXES_DISABLE_ACCESS_LOG=True`. + """ + AccessLog.objects.all().delete() + + response = self._login(is_valid_username=True, is_valid_password=True) + + self.assertEqual(response.status_code, 302) + self.assertEqual(AccessLog.objects.all().count(), 0) + class UtilsTest(TestCase): def test_iso8601(self): diff --git a/requirements.txt b/requirements.txt index 908d475..0a13e7e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,4 @@ Django sphinx-rtd-theme +mock -e .