99from pathlib import Path
1010from unittest import mock , skipIf , skipUnless
1111
12+ from asgiref .sync import async_to_sync , iscoroutinefunction
13+
1214from django .core import mail
1315from django .core .files .uploadedfile import SimpleUploadedFile
1416from django .db import DatabaseError , connection
3941from django .views .decorators .debug import sensitive_post_parameters , sensitive_variables
4042
4143from ..views import (
44+ async_sensitive_method_view ,
45+ async_sensitive_method_view_nested ,
46+ async_sensitive_view ,
47+ async_sensitive_view_nested ,
4248 custom_exception_reporter_filter_view ,
4349 index_page ,
4450 multivalue_dict_key_error ,
@@ -1351,7 +1357,10 @@ def verify_unsafe_response(
13511357 Asserts that potentially sensitive info are displayed in the response.
13521358 """
13531359 request = self .rf .post ("/some_url/" , self .breakfast_data )
1354- response = view (request )
1360+ if iscoroutinefunction (view ):
1361+ response = async_to_sync (view )(request )
1362+ else :
1363+ response = view (request )
13551364 if check_for_vars :
13561365 # All variables are shown.
13571366 self .assertContains (response , "cooked_eggs" , status_code = 500 )
@@ -1371,7 +1380,10 @@ def verify_safe_response(
13711380 Asserts that certain sensitive info are not displayed in the response.
13721381 """
13731382 request = self .rf .post ("/some_url/" , self .breakfast_data )
1374- response = view (request )
1383+ if iscoroutinefunction (view ):
1384+ response = async_to_sync (view )(request )
1385+ else :
1386+ response = view (request )
13751387 if check_for_vars :
13761388 # Non-sensitive variable's name and value are shown.
13771389 self .assertContains (response , "cooked_eggs" , status_code = 500 )
@@ -1418,7 +1430,10 @@ def verify_unsafe_email(self, view, check_for_POST_params=True):
14181430 with self .settings (ADMINS = [("Admin" , "admin@fattie-breakie.com" )]):
14191431 mail .outbox = [] # Empty outbox
14201432 request = self .rf .post ("/some_url/" , self .breakfast_data )
1421- view (request )
1433+ if iscoroutinefunction (view ):
1434+ async_to_sync (view )(request )
1435+ else :
1436+ view (request )
14221437 self .assertEqual (len (mail .outbox ), 1 )
14231438 email = mail .outbox [0 ]
14241439
@@ -1451,7 +1466,10 @@ def verify_safe_email(self, view, check_for_POST_params=True):
14511466 with self .settings (ADMINS = [("Admin" , "admin@fattie-breakie.com" )]):
14521467 mail .outbox = [] # Empty outbox
14531468 request = self .rf .post ("/some_url/" , self .breakfast_data )
1454- view (request )
1469+ if iscoroutinefunction (view ):
1470+ async_to_sync (view )(request )
1471+ else :
1472+ view (request )
14551473 self .assertEqual (len (mail .outbox ), 1 )
14561474 email = mail .outbox [0 ]
14571475
@@ -1543,6 +1561,24 @@ def test_sensitive_request(self):
15431561 self .verify_safe_response (sensitive_view )
15441562 self .verify_safe_email (sensitive_view )
15451563
1564+ def test_async_sensitive_request (self ):
1565+ with self .settings (DEBUG = True ):
1566+ self .verify_unsafe_response (async_sensitive_view )
1567+ self .verify_unsafe_email (async_sensitive_view )
1568+
1569+ with self .settings (DEBUG = False ):
1570+ self .verify_safe_response (async_sensitive_view )
1571+ self .verify_safe_email (async_sensitive_view )
1572+
1573+ def test_async_sensitive_nested_request (self ):
1574+ with self .settings (DEBUG = True ):
1575+ self .verify_unsafe_response (async_sensitive_view_nested )
1576+ self .verify_unsafe_email (async_sensitive_view_nested )
1577+
1578+ with self .settings (DEBUG = False ):
1579+ self .verify_safe_response (async_sensitive_view_nested )
1580+ self .verify_safe_email (async_sensitive_view_nested )
1581+
15461582 def test_paranoid_request (self ):
15471583 """
15481584 No POST parameters and frame variables can be seen in the
@@ -1598,6 +1634,46 @@ def test_sensitive_method(self):
15981634 )
15991635 self .verify_safe_email (sensitive_method_view , check_for_POST_params = False )
16001636
1637+ def test_async_sensitive_method (self ):
1638+ """
1639+ The sensitive_variables decorator works with async object methods.
1640+ """
1641+ with self .settings (DEBUG = True ):
1642+ self .verify_unsafe_response (
1643+ async_sensitive_method_view , check_for_POST_params = False
1644+ )
1645+ self .verify_unsafe_email (
1646+ async_sensitive_method_view , check_for_POST_params = False
1647+ )
1648+
1649+ with self .settings (DEBUG = False ):
1650+ self .verify_safe_response (
1651+ async_sensitive_method_view , check_for_POST_params = False
1652+ )
1653+ self .verify_safe_email (
1654+ async_sensitive_method_view , check_for_POST_params = False
1655+ )
1656+
1657+ def test_async_sensitive_method_nested (self ):
1658+ """
1659+ The sensitive_variables decorator works with async object methods.
1660+ """
1661+ with self .settings (DEBUG = True ):
1662+ self .verify_unsafe_response (
1663+ async_sensitive_method_view_nested , check_for_POST_params = False
1664+ )
1665+ self .verify_unsafe_email (
1666+ async_sensitive_method_view_nested , check_for_POST_params = False
1667+ )
1668+
1669+ with self .settings (DEBUG = False ):
1670+ self .verify_safe_response (
1671+ async_sensitive_method_view_nested , check_for_POST_params = False
1672+ )
1673+ self .verify_safe_email (
1674+ async_sensitive_method_view_nested , check_for_POST_params = False
1675+ )
1676+
16011677 def test_sensitive_function_arguments (self ):
16021678 """
16031679 Sensitive variables don't leak in the sensitive_variables decorator's
@@ -1890,6 +1966,30 @@ def test_sensitive_request(self):
18901966 with self .settings (DEBUG = False ):
18911967 self .verify_safe_response (sensitive_view , check_for_vars = False )
18921968
1969+ def test_async_sensitive_request (self ):
1970+ """
1971+ Sensitive POST parameters cannot be seen in the default
1972+ error reports for sensitive requests.
1973+ """
1974+ with self .settings (DEBUG = True ):
1975+ self .verify_unsafe_response (async_sensitive_view , check_for_vars = False )
1976+
1977+ with self .settings (DEBUG = False ):
1978+ self .verify_safe_response (async_sensitive_view , check_for_vars = False )
1979+
1980+ def test_async_sensitive_request_nested (self ):
1981+ """
1982+ Sensitive POST parameters cannot be seen in the default
1983+ error reports for sensitive requests.
1984+ """
1985+ with self .settings (DEBUG = True ):
1986+ self .verify_unsafe_response (
1987+ async_sensitive_view_nested , check_for_vars = False
1988+ )
1989+
1990+ with self .settings (DEBUG = False ):
1991+ self .verify_safe_response (async_sensitive_view_nested , check_for_vars = False )
1992+
18931993 def test_paranoid_request (self ):
18941994 """
18951995 No POST parameters can be seen in the default error reports
0 commit comments