测试用户模型是否具有密码的正确方法

Question

I have this models

from django.db import models
from django.contrib.auth.models import AbstractUser

class Account(AbstractUser):
    last_updated = models.DateTimeField(default=datetime.now, blank=False, null=False)


class User(Account):
    security_question = models.TextField(blank=True)
    security_answer = models.CharField(max_length=50, blank=True)

and this simple test case:

from django import test
from myapp import models


class UserTestCase(test.TestCase):

    def test_user_password_cannot_be_empty(self):
        def create_user_without_password():
            models.User.objects.create(
                username='usr2',
                first_name='Name',
                last_name='Name2',
                email='me@email.com'
        )

        # should throw an error
        self.assertRaises(
            Exception,
            create_user_without_password
        )

The test should pass as password is a mandatory field, yet by running python manage.py test --pattern="tests_*.py" I get

======================================================================

FAIL: test_user_password_cannot_be_empty (myapp.tests_user_testcase.UserTestCase) AssertionError: Exception not raised by create_user_without_password

---

I guess I'm testing it wrongly. What is the correct way?

---

Specs:

• Python 3.6.1
• Django 2.1.1
• Windows 10

Answer 1

You are probably running into the nature that Django Models will save blank=False fields without error. You can find lengthy debates about it. To enforce it at the model.save level, you have to overwrite the save method.

def save(self, *args, **kwargs):
    self.full_clean()
    super().save(*args, **kwargs)

Answer 2

Your code is correct, but password is a CharField so you're always able to create a user without a password this way ( CharField gets always set to empty string by default even if blank=False ).

You are also correctly calling self.assertRaises , which takes a callable . So it would be wrong to do self.assertRaises(Exception, create_user_without_password()) because that would indeed raise an exception because your function would be called twice: the exception would be NoneType is not callable. Your test would pass, but not for the correct reason!

The default Django model AbstractBaseUser doesn't force password to be set. The forms to create a user do this. The reason is, you may have a system where users are first created by other users without password so they can set the password themselves.