#8404: Auth password reset tests are too restrictive about template requirements
--------------------------+-------------------------------------------------
 Reporter:  mtredinnick   |       Owner:  nobody    
   Status:  new           |   Milestone:  1.0 maybe 
Component:  Contrib apps  |     Version:  SVN       
 Keywords:                |       Stage:  Unreviewed
Has_patch:  0             |  
--------------------------+-------------------------------------------------
 The tests in `django.contrib.auth.tests.views.PasswordResetTest` check for
 a correct "failure to submit" with an invalid email address by looking for
 a particular error message string. The problem is that this string
 actually reveals that a particular email address isn't on the system. So
 if somebody writes a password reset template for their own sites that
 doesn't reveal the presence or absence of a user (an ITS requirement in
 some organisations, e.g. financial sites), there is no way to have that
 test pass.

 So we need to come up with a better way to test for "success" (i.e.
 failure to submit the form) when the email address doesn't exist in the
 system. Possibly just easing back and checking for the existence of
 form.errors in the template rendering will be enough (or the existence of
 that error message in the context used for rendering), rather than
 checking the actual string output so carefully. But maybe somebody has
 another idea.

-- 
Ticket URL: <http://code.djangoproject.com/ticket/8404>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
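
The relaxed check suggested in the ticket, as an added example that is not part of the original ticket or of Django's test suite. It is a framework-free Python model in which every name (password_reset, the two templates, the error message, the sample address) is constructed for illustration. It shows the string-matching test failing against a template that hides account existence, while the context-based check passes for both templates.

```python
# Framework-free model of a password-reset view (constructed for illustration;
# none of these names are Django APIs).
from string import Template

KNOWN_EMAILS = {"alice@example.com"}  # constructed sample user store
UNKNOWN_MSG = "No account is registered for that address."  # constructed message

# Template that echoes the form error, revealing that the account is absent.
REVEALING = Template("<form>$email_error</form>")
# Site-specific template: same visible output whether or not the user exists.
NEUTRAL = Template("<p>If that address is registered, a reset link was sent.</p>")

def password_reset(email, template):
    """Validate the address and render; return (sent, context, html)."""
    errors = {}
    if email not in KNOWN_EMAILS:
        errors["email"] = [UNKNOWN_MSG]
    context = {"form_errors": errors}
    html = template.safe_substitute(email_error=" ".join(errors.get("email", [])))
    return (not errors), context, html

def check_by_output(template):
    """Brittle test: passes only if the rendered page contains the error string."""
    _, _, html = password_reset("nobody@example.com", template)
    return UNKNOWN_MSG in html

def check_by_context(template):
    """Relaxed test: passes if the form refused to submit, whatever was rendered."""
    sent, context, _ = password_reset("nobody@example.com", template)
    return not sent and "email" in context["form_errors"]

def responses_differ(template):
    """True if the page lets a visitor tell known from unknown addresses."""
    _, _, known = password_reset("alice@example.com", template)
    _, _, unknown = password_reset("nobody@example.com", template)
    return known != unknown

if __name__ == "__main__":
    for name, tpl in (("revealing", REVEALING), ("neutral", NEUTRAL)):
        print(name,
              "output-test:", check_by_output(tpl),
              "context-test:", check_by_context(tpl),
              "enumerable:", responses_differ(tpl))
```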