Fix @ssl_required to look at SESSION_COOKIE_REQUIRED

kitsune/questions/tests/test_templates.py

@@ -7,7 +7,6 @@
 from django.contrib.auth.models import User
 from django.contrib.sites.models import Site
 from django.core import mail
-from django.test.utils import override_settings
 
 import mock
 from nose.tools import eq_
@@ -1401,7 +1400,6 @@ def _post_new_question(self, locale=None):
             search='A test question')
         return self.client.post(url, self.data, follow=True)
 
-    @override_settings(DEBUG=True)
     def test_full_workflow(self):
         response = self._post_new_question()
         eq_(200, response.status_code)
@@ -1434,7 +1432,6 @@ def test_full_workflow(self):
         version = question.metadata['ff_version']
         eq_('18.0.2', version)
 
-    @override_settings(DEBUG=True)
     def test_localized_creation(self):
         response = self._post_new_question(locale='pt-BR')
         eq_(200, response.status_code)
@@ -1444,7 +1441,6 @@ def test_localized_creation(self):
         question = Question.objects.filter(title='A test question')[0]
         eq_(question.locale, 'pt-BR')
 
-    @override_settings(DEBUG=True)
     def test_full_workflow_inactive(self):
         u = self.user
         u.is_active = False
@@ -1463,7 +1459,6 @@ def test_full_workflow_inactive(self):
         # And no confirmation email was sent (already sent on registration)
         eq_(0, len(mail.outbox))
 
-    @override_settings(DEBUG=True)
     def test_invalid_type(self):
         """Providing an invalid type returns 400."""
         p = product(slug='firefox', save=True)
@@ -1482,7 +1477,6 @@ def test_invalid_type(self):
         eq_(400, response.status_code)
         assert 'Request type not recognized' in response.content
 
-    @override_settings(DEBUG=True)
     @mock.patch.object(Site.objects, 'get_current')
     def test_register_through_aaq(self, get_current):
         """Registering through AAQ form sends confirmation email."""
@@ -1519,13 +1513,11 @@ def test_register_through_aaq(self, get_current):
         # Note: there was already an email sent above
         eq_(1, len(mail.outbox))
 
-    @override_settings(DEBUG=True)
     def test_invalid_product_404(self):
         url = reverse('questions.aaq_step2', args=['lipsum'])
         response = self.client.get(url)
         eq_(404, response.status_code)
 
-    @override_settings(DEBUG=True)
     def test_invalid_category_302(self):
         url = reverse('questions.aaq_step3', args=['desktop', 'lipsum'])
         response = self.client.get(url)

kitsune/questions/tests/test_views.py

@@ -160,7 +160,6 @@ def test_search_suggestions_archived_articles(self):
         assert 'donut' in doc('.result.document h3 a').text()
         assert 'cupcake' not in doc('.result.document h3 a').text()
 
-    @override_settings(DEBUG=True)
     def test_ratelimit(self):
         """Make sure posting new questions is ratelimited"""
         data = {'title': 'A test question',
@@ -187,7 +186,6 @@ def test_ratelimit(self):
         response = self.client.post(url, data, follow=True)
         eq_(403, response.status_code)
 
-    @override_settings(DEBUG=True)
     def test_first_step(self):
         """Make sure the first step doesn't blow up
 
@@ -197,7 +195,6 @@ def test_first_step(self):
         res = self.client.get(url)
         eq_(200, res.status_code)
 
-    @override_settings(DEBUG=True)
     def test_redirect_bad_locales(self):
         """Non-AAQ locales should redirect."""
         url_fr = reverse('questions.aaq_step1', locale='fr')
@@ -251,7 +248,6 @@ def test_logged_in_get(self, get_current):
         self.assertTemplateUsed(response,
                                 'questions/mobile/new_question.html')
 
-    @override_settings(DEBUG=True)
     @mock.patch.object(Site.objects, 'get_current')
     def test_logged_in_post(self, get_current):
         """New question is posted through mobile."""
@@ -264,7 +260,6 @@ def test_logged_in_post(self, get_current):
         eq_(200, response.status_code)
         assert Question.objects.filter(title='A test question')
 
-    @override_settings(DEBUG=True)
     @mock.patch.object(Site.objects, 'get_current')
     def test_aaq_new_question_inactive(self, get_current):
         """New question is posted through mobile."""

kitsune/sumo/decorators.py

@@ -9,9 +9,9 @@
 def ssl_required(view_func):
     """A view decorator that enforces HTTPS.
 
-    If settings.DEBUG is True, it doesn't enforce anything."""
+    If settings.SESSION_COOKIE_SECURE is False, it won't enforce anything."""
     def _checkssl(request, *args, **kwargs):
-        if not settings.DEBUG and not request.is_secure():
+        if settings.SESSION_COOKIE_SECURE and not request.is_secure():
             url_str = request.build_absolute_uri()
             url_str = url_str.replace('http://', 'https://')
             return http.HttpResponseRedirect(url_str)

kitsune/twitter/tests/test_auth.py

@@ -1,13 +1,10 @@
-from django.test.utils import override_settings
-
 from kitsune.sumo.tests import TestCase
 from kitsune.sumo.urlresolvers import reverse
 
 
 class TwitterMiddlewareTests(TestCase):
     """Tests for the Twitter auth middleware."""
 
-    @override_settings(DEBUG=True)
     def test_logout(self):
         """Ensure logout POST request works."""
         landing_url = reverse('customercare.landing', locale='en-US')

kitsune/users/tests/test_views.py

@@ -29,7 +29,6 @@ def setUp(self):
         self.client.logout()
         super(RegisterTests, self).setUp()
 
-    @override_settings(DEBUG=True)
     @mock.patch.object(Site.objects, 'get_current')
     def test_new_user(self, get_current):
         get_current.return_value.domain = 'su.mo.com'
@@ -60,7 +59,6 @@ def test_new_user(self, get_current):
         eq_('http://testserver/en-US/home?fpa=1',
             response.redirect_chain[0][0])
 
-    @override_settings(DEBUG=True)
     @mock.patch.object(email_utils, 'send_messages')
     @mock.patch.object(Site.objects, 'get_current')
     def test_new_user_smtp_error(self, get_current, send_messages):
@@ -75,7 +73,6 @@ def test_new_user_smtp_error(self, get_current, send_messages):
         self.assertContains(response, unicode(ERROR_SEND_EMAIL))
         assert not User.objects.filter(username='newbie').exists()
 
-    @override_settings(DEBUG=True)
     @mock.patch.object(Site.objects, 'get_current')
     def test_unicode_password(self, get_current):
         u_str = u'a1\xe5\xe5\xee\xe9\xf8\xe7\u6709\u52b9'
@@ -167,7 +164,6 @@ def test_new_user_with_questions(self, get_current):
         assert 'test_question' in response.content
         assert q.get_absolute_url() in response.content
 
-    @override_settings(DEBUG=True)
     def test_duplicate_username(self):
         u = user(save=True)
         response = self.client.post(reverse('users.register', locale='en-US'),
@@ -177,7 +173,6 @@ def test_duplicate_username(self):
                                      'password2': 'foo'}, follow=True)
         self.assertContains(response, 'already exists')
 
-    @override_settings(DEBUG=True)
     def test_duplicate_email(self):
         u = user(email='noob@example.com', save=True)
         User.objects.create(username='noob', email='noob@example.com').save()
@@ -188,7 +183,6 @@ def test_duplicate_email(self):
                                      'password2': 'foo'}, follow=True)
         self.assertContains(response, 'already exists')
 
-    @override_settings(DEBUG=True)
     def test_no_match_passwords(self):
         u = user(save=True)
         response = self.client.post(reverse('users.register', locale='en-US'),
@@ -228,7 +222,6 @@ def test_old_activation_url(self, get_current):
         user = User.objects.get(pk=user.pk)
         assert user.is_active
 
-    @override_settings(DEBUG=True)
     @mock.patch.object(Site.objects, 'get_current')
     def test_new_contributor(self, get_current):
         """Verify that interested contributors are added to group."""
@@ -412,8 +405,6 @@ def setUp(self):
         self.client.logout()
         super(SessionTests, self).setUp()
 
-    # Need to set DEBUG = True for @ssl_required to not freak out.
-    @override_settings(DEBUG=True)
     def test_login_sets_extra_cookie(self):
         """On login, set the SESSION_EXISTS_COOKIE."""
         url = reverse('users.login')
@@ -423,7 +414,6 @@ def test_login_sets_extra_cookie(self):
         c = res.cookies[settings.SESSION_EXISTS_COOKIE]
         assert 'secure' not in c.output().lower()
 
-    @override_settings(DEBUG=True)
     def test_logout_deletes_cookie(self):
         """On logout, delete the SESSION_EXISTS_COOKIE."""
         url = reverse('users.logout')
@@ -432,8 +422,7 @@ def test_logout_deletes_cookie(self):
         c = res.cookies[settings.SESSION_EXISTS_COOKIE]
         assert '1970' in c['expires']
 
-    @override_settings(DEBUG=True,
-                       SESSION_EXPIRE_AT_BROWSER_CLOSE=True)
+    @override_settings(SESSION_EXPIRE_AT_BROWSER_CLOSE=True)
     def test_expire_at_browser_close(self):
         """If SESSION_EXPIRE_AT_BROWSER_CLOSE, do expire then."""
         url = reverse('users.login')
@@ -442,8 +431,7 @@ def test_expire_at_browser_close(self):
         c = res.cookies[settings.SESSION_EXISTS_COOKIE]
         eq_('', c['max-age'])
 
-    @override_settings(DEBUG=True,
-                       SESSION_EXPIRE_AT_BROWSER_CLOSE=False,
+    @override_settings(SESSION_EXPIRE_AT_BROWSER_CLOSE=False,
                        SESSION_COOKIE_AGE=123)
     def test_expire_in_a_long_time(self):
         """If not SESSION_EXPIRE_AT_BROWSER_CLOSE, set an expiry date."""

settings_test.py

@@ -20,6 +20,8 @@
 # Some cron jobs are skipped on stage.
 STAGE = False
 
+SESSION_COOKIE_SECURE = False
+
 # This quells south's crazy debug logging
 import logging
 import south.logger