Fix incorrect user creation in account tests

Instead of using `User.objects.create_user`, `User.objects.create` was used, which does not correctly set the password. The user was then not logged in, as they had an incorrect password. This error was not caught by the log in method, or the following tests, as the behaviour for a user with incorrect permissions was the same as for anonymous users. The code now uses the correct method, and the tests now assert that the user is actually logged in.
2026-05-12 17:23:15 +00:00 · 2016-02-23 12:56:39 +02:00 · 2016-02-23 12:56:39 +02:00 · c5dd198856
commit c5dd198856
parent c6140a06f7
10 changed files with 28 additions and 26 deletions
--- a/wagtail/contrib/settings/tests/test_admin.py
+++ b/wagtail/contrib/settings/tests/test_admin.py
@ -21,7 +21,7 @@ class TestSettingMenu(TestCase, WagtailTestUtils):
            username='test', email='test@email.com', password='password')
        user.user_permissions.add(Permission.objects.get_by_natural_key(
            codename='access_admin', app_label='wagtailadmin', model='admin'))
-        self.client.login(username='test', password='password')
+        self.assertTrue(self.client.login(username='test', password='password'))
        return user

    def test_menu_item_in_admin(self):
--- a/wagtail/tests/utils.py
+++ b/wagtail/tests/utils.py
@ -35,7 +35,9 @@ class WagtailTestUtils(object):

        user_model = get_user_model()
        # Login
-        self.client.login(password='password', **{user_model.USERNAME_FIELD: 'test@email.com'})
+        self.assertTrue(
+            self.client.login(password='password', **{user_model.USERNAME_FIELD: 'test@email.com'})
+        )

        return user

--- a/wagtail/wagtailadmin/tests/test_account_management.py
+++ b/wagtail/wagtailadmin/tests/test_account_management.py
@ -76,8 +76,8 @@ class TestAuthentication(TestCase, WagtailTestUtils):
        This tests issue #431
        """
        # Login as unprivileged user
-        get_user_model().objects.create(username='unprivileged', password='123')
-        self.client.login(username='unprivileged', password='123')
+        get_user_model().objects.create_user(username='unprivileged', password='123')
+        self.assertTrue(self.client.login(username='unprivileged', password='123'))

        # Get login page
        response = self.client.get(reverse('wagtailadmin_login'))
@ -268,7 +268,7 @@ class TestAccountManagementForNonModerator(TestCase, WagtailTestUtils):
        self.submitter = get_user_model().objects.create_user('submitter', 'submitter@example.com', 'password')
        self.submitter.groups.add(Group.objects.get(name='Editors'))

-        self.client.login(username=self.submitter.username, password='password')
+        self.assertTrue(self.client.login(username=self.submitter.username, password='password'))

    def test_notification_preferences_form_is_reduced_for_non_moderators(self):
        """
@ -297,7 +297,7 @@ class TestAccountManagementForAdminOnlyUser(TestCase, WagtailTestUtils):
        )
        self.admin_only_user.groups.add(admin_only_group)

-        self.client.login(username=self.admin_only_user.username, password='password')
+        self.assertTrue(self.client.login(username=self.admin_only_user.username, password='password'))

    def test_notification_preferences_view_redirects_for_admin_only_users(self):
        """
--- a/wagtail/wagtailadmin/tests/test_pages_views.py
+++ b/wagtail/wagtailadmin/tests/test_pages_views.py
@ -226,7 +226,7 @@ class TestPageExplorerSignposting(TestCase, WagtailTestUtils):
        self.root_page.add_child(instance=self.no_site_page)

    def test_admin_at_root(self):
-        self.client.login(username='superuser', password='password')
+        self.assertTrue(self.client.login(username='superuser', password='password'))
        response = self.client.get(reverse('wagtailadmin_explore_root'))
        self.assertEqual(response.status_code, 200)
        # Administrator (or user with add_site permission) should get the full message
@ -241,7 +241,7 @@ class TestPageExplorerSignposting(TestCase, WagtailTestUtils):
        self.assertContains(response, """<a href="/admin/sites/">Configure a site now.</a>""")

    def test_admin_at_non_site_page(self):
-        self.client.login(username='superuser', password='password')
+        self.assertTrue(self.client.login(username='superuser', password='password'))
        response = self.client.get(reverse('wagtailadmin_explore', args=(self.no_site_page.id, )))
        self.assertEqual(response.status_code, 200)
        # Administrator (or user with add_site permission) should get a warning about
@ -256,14 +256,14 @@ class TestPageExplorerSignposting(TestCase, WagtailTestUtils):
        self.assertContains(response, """<a href="/admin/sites/">Configure a site now.</a>""")

    def test_admin_at_site_page(self):
-        self.client.login(username='superuser', password='password')
+        self.assertTrue(self.client.login(username='superuser', password='password'))
        response = self.client.get(reverse('wagtailadmin_explore', args=(self.site_page.id, )))
        self.assertEqual(response.status_code, 200)
        # There should be no warning message here
        self.assertNotContains(response, "Pages created here will not be accessible")

    def test_nonadmin_at_root(self):
-        self.client.login(username='siteeditor', password='password')
+        self.assertTrue(self.client.login(username='siteeditor', password='password'))
        response = self.client.get(reverse('wagtailadmin_explore_root'))
        self.assertEqual(response.status_code, 200)
        # Non-admin should get a simple "create pages as children of the homepage" prompt
@ -274,7 +274,7 @@ class TestPageExplorerSignposting(TestCase, WagtailTestUtils):
        )

    def test_nonadmin_at_non_site_page(self):
-        self.client.login(username='siteeditor', password='password')
+        self.assertTrue(self.client.login(username='siteeditor', password='password'))
        response = self.client.get(reverse('wagtailadmin_explore', args=(self.no_site_page.id, )))
        self.assertEqual(response.status_code, 200)
        # Non-admin should get a warning about unroutable pages
@ -287,7 +287,7 @@ class TestPageExplorerSignposting(TestCase, WagtailTestUtils):
        )

    def test_nonadmin_at_site_page(self):
-        self.client.login(username='siteeditor', password='password')
+        self.assertTrue(self.client.login(username='siteeditor', password='password'))
        response = self.client.get(reverse('wagtailadmin_explore', args=(self.site_page.id, )))
        self.assertEqual(response.status_code, 200)
        # There should be no warning message here
--- a/wagtail/wagtailadmin/tests/tests.py
+++ b/wagtail/wagtailadmin/tests/tests.py
@ -64,7 +64,7 @@ class TestHome(TestCase, WagtailTestUtils):
        # cause a failure when generating Gravatar URLs
        get_user_model().objects.create_superuser(username='snowman', email='☃@thenorthpole.com', password='password')
        # Login
-        self.client.login(username='snowman', password='password')
+        self.assertTrue(self.client.login(username='snowman', password='password'))
        response = self.client.get(reverse('wagtailadmin_home'))
        self.assertEqual(response.status_code, 200)

@ -253,7 +253,7 @@ class TestUserPassesTestPermissionDecorator(TestCase):
    def test_user_passes_test(self):
        # create and log in as a user called Bob
        get_user_model().objects.create_superuser(first_name='Bob', last_name='Mortimer', username='test', email='test@email.com', password='password')
-        self.client.login(username='test', password='password')
+        self.assertTrue(self.client.login(username='test', password='password'))

        response = self.client.get(reverse('testapp_bob_only_zone'))
        self.assertEqual(response.status_code, 200)
@ -261,7 +261,7 @@ class TestUserPassesTestPermissionDecorator(TestCase):
    def test_user_fails_test(self):
        # create and log in as a user not called Bob
        get_user_model().objects.create_superuser(first_name='Vic', last_name='Reeves', username='test', email='test@email.com', password='password')
-        self.client.login(username='test', password='password')
+        self.assertTrue(self.client.login(username='test', password='password'))

        response = self.client.get(reverse('testapp_bob_only_zone'))
        self.assertRedirects(response, reverse('wagtailadmin_home'))
--- a/wagtail/wagtaildocs/tests.py
+++ b/wagtail/wagtaildocs/tests.py
@ -1148,7 +1148,7 @@ class TestEditOnlyPermissions(TestCase, WagtailTestUtils):
        user.groups.add(self.changers_group)

        user.user_permissions.add(admin_permission)
-        self.client.login(username='changeonly', password='password')
+        self.assertTrue(self.client.login(username='changeonly', password='password'))

    def test_get_index(self):
        response = self.client.get(reverse('wagtaildocs:index'))
--- a/wagtail/wagtailforms/tests.py
+++ b/wagtail/wagtailforms/tests.py
@ -184,7 +184,7 @@ class TestFormsIndex(TestCase):
    fixtures = ['test.json']

    def setUp(self):
-        self.client.login(username='siteeditor', password='password')
+        self.assertTrue(self.client.login(username='siteeditor', password='password'))
        self.form_page = Page.objects.get(url_path='/home/contact-us/')

    def make_form_pages(self):
@ -250,7 +250,7 @@ class TestFormsIndex(TestCase):

    def test_cannot_see_forms_without_permission(self):
        # Login with as a user without permission to see forms
-        self.client.login(username='eventeditor', password='password')
+        self.assertTrue(self.client.login(username='eventeditor', password='password'))

        response = self.client.get(reverse('wagtailforms:index'))

@ -399,7 +399,7 @@ class TestDeleteFormSubmission(TestCase):
    fixtures = ['test.json']

    def setUp(self):
-        self.client.login(username='siteeditor', password='password')
+        self.assertTrue(self.client.login(username='siteeditor', password='password'))
        self.form_page = Page.objects.get(url_path='/home/contact-us/')

    def test_delete_submission_show_cofirmation(self):
@ -425,7 +425,7 @@ class TestDeleteFormSubmission(TestCase):
        self.assertRedirects(response, reverse("wagtailforms:list_submissions", args=(self.form_page.id, )))

    def test_delete_submission_bad_permissions(self):
-        self.client.login(username="eventeditor", password="password")
+        self.assertTrue(self.client.login(username="eventeditor", password="password"))

        response = self.client.post(reverse(
            'wagtailforms:delete_submission',
@ -443,7 +443,7 @@ class TestIssue798(TestCase):
    fixtures = ['test.json']

    def setUp(self):
-        self.client.login(username='siteeditor', password='password')
+        self.assertTrue(self.client.login(username='siteeditor', password='password'))
        self.form_page = Page.objects.get(url_path='/home/contact-us/').specific

        # Add a number field to the page
--- a/wagtail/wagtailimages/tests/test_admin_views.py
+++ b/wagtail/wagtailimages/tests/test_admin_views.py
@ -915,7 +915,7 @@ class TestEditOnlyPermissions(TestCase, WagtailTestUtils):
        )

        user.groups.add(image_changers_group)
-        self.client.login(username='changeonly', password='password')
+        self.assertTrue(self.client.login(username='changeonly', password='password'))

    def test_get_index(self):
        response = self.client.get(reverse('wagtailimages:index'))
--- a/wagtail/wagtailsites/tests.py
+++ b/wagtail/wagtailsites/tests.py
@ -266,7 +266,7 @@ class TestLimitedPermissions(TestCase, WagtailTestUtils):
        )

        # Login
-        self.client.login(username='test', password='password')
+        self.assertTrue(self.client.login(username='test', password='password'))

        self.home_page = Page.objects.get(id=2)
        self.localhost = Site.objects.all()[0]
--- a/wagtail/wagtailsnippets/tests.py
+++ b/wagtail/wagtailsnippets/tests.py
@ -518,7 +518,7 @@ class TestAddOnlyPermissions(TestCase, WagtailTestUtils):
        add_permission = Permission.objects.get(content_type__app_label='tests', codename='add_advert')
        admin_permission = Permission.objects.get(content_type__app_label='wagtailadmin', codename='access_admin')
        user.user_permissions.add(add_permission, admin_permission)
-        self.client.login(username='addonly', password='password')
+        self.assertTrue(self.client.login(username='addonly', password='password'))

    def test_get_index(self):
        response = self.client.get(reverse('wagtailsnippets:list',
@ -562,7 +562,7 @@ class TestEditOnlyPermissions(TestCase, WagtailTestUtils):
        change_permission = Permission.objects.get(content_type__app_label='tests', codename='change_advert')
        admin_permission = Permission.objects.get(content_type__app_label='wagtailadmin', codename='access_admin')
        user.user_permissions.add(change_permission, admin_permission)
-        self.client.login(username='changeonly', password='password')
+        self.assertTrue(self.client.login(username='changeonly', password='password'))

    def test_get_index(self):
        response = self.client.get(reverse('wagtailsnippets:list',
@ -606,7 +606,7 @@ class TestDeleteOnlyPermissions(TestCase, WagtailTestUtils):
        change_permission = Permission.objects.get(content_type__app_label='tests', codename='delete_advert')
        admin_permission = Permission.objects.get(content_type__app_label='wagtailadmin', codename='access_admin')
        user.user_permissions.add(change_permission, admin_permission)
-        self.client.login(username='deleteonly', password='password')
+        self.assertTrue(self.client.login(username='deleteonly', password='password'))

    def test_get_index(self):
        response = self.client.get(reverse('wagtailsnippets:list',