Open FinnGu opened 2 years ago
Hi there
I believe i ran into a variant of this as well, the function get_current_authenticated_user()
works fine but our tests fail with errors such as:
E psycopg2.errors.ForeignKeyViolation: insert or update on table "core_country" violates foreign key constraint "core_country_created_by_id_df63df11_fk_core_user_id"
E DETAIL: Key (created_by_id)=(6) is not present in table "core_user".
it seems that during the setup of subsequent tests the 'current user' is still set, and the call to get_current_authenticated_user()
in the model save() method is trying to reference a non-existing user.
Our fix is to clear the current user after the response = self.get_response(request)
line here:
https://github.com/PaesslerAG/django-currentuser/blob/master/django_currentuser/middleware.py#L34
e.g. _set_current_user(None)
.
Is there a reason why this is not cleared in the code already ?
otherwise thanks for the module :)
-ivan
@ivan-price-acted did you modify the middleware
or how exactly did you do that?
Having the exact same issue when running tests. Somebody else has suggested a fixture here https://github.com/PaesslerAG/django-currentuser/issues/47
@alfonsrv indeed we run a version of the middleware where just after the line:
https://github.com/PaesslerAG/django-currentuser/blob/master/django_currentuser/middleware.py#L34
, i.e. once we have the response, we set the user to None.
We've not observed any bad side effects, and it avoids having to use special fixtures for the tests.
To be mega explicit:
def __call__(self, request):
# request.user closure; asserts laziness;
# memorization is implemented in
# request.user (non-data descriptor)
_do_set_current_user(lambda self: getattr(request, 'user', None))
response = self.get_response(request)
# our modification here to prevent tests from failing.
_set_current_user(None)
# end modif
return response
I'd be interested to know what dangers may befall us, for now it works.
-i
Yeah well it feels like it should be the default way to me too that the user is unset after requests. To be thread-safe and avoid the possibility of leaking information.
There already seems to be a PR regarding the topic, but it's stalled https://github.com/PaesslerAG/django-currentuser/pull/49 - tests...
ah ok i hadn't found that PR.
looking at the test that fails for me it looks like the test is not good, it is asserting the 'current user' after the request is finished.
https://github.com/PaesslerAG/django-currentuser/blob/master/tests/testapp/tests.py#L46
the assert should be inside the handling for the view, and client.login() could probably be used to avoid the call to the login endpoint which maybe adds complexity for not much gain.
In my tests, I create an object that has an
CurrentUserField
. Up until recently everything worked, but now it fails with anSQLdb.IntegrityError
after upgrading topython 3.9
,django 3.2
anddjango-currentuser 0.5.3
.I was able to resolve this by explicitly overriding the user in the
setUp()
method of my test class as follows:_set_current_user(my_user)
. Is that the recommended approach? If so, we should document it somewhere.Stacktrace: