Some tests and docs update.

docs/developers/auth.rst

@@ -35,10 +35,12 @@ Updates last activity timestamp on admin session.
 Closes current admin session, degrading it to "casual" session and keeps user signed in.
 
 
-.. function:: login(request, user)
+Testing Admin views using test client
+-------------------------------------
 
-Signs user in just like Django :py:func:`django.contrib.auth.login` does and then promotes session to admin session.
+To test protected admin views from within your test cases, you have to open valid admin session for test client. Misago provides :py:func:`misago.admin.testutils.admin_login` function for this purpose.
 
-.. function:: logout(request)
 
-Signs user out just like Django :py:func:`django.contrib.auth.logout` does and terminates admin session.
+.. function:: misago.admin.testutils.admin_login(client, username, password)
+
+This function will make provided test client instance use valid admin session during test requests. Note that internally this function makes POST request to ``misago:admin:index`` link that should result with admin login form for unauthenticated users.

misago/admin/auth.py

@@ -49,18 +49,23 @@ def close_admin_session(request):
     request.session.pop(KEY_UPDATED, None)
 
 
-# Login/logout wrappers for django auth used in sign in/out views
-def login(request, user):
-    start_admin_session(request, user)
-    dj_auth.login(request, user)
+# Login/logout exposed
+login = dj_auth.login
+logout = dj_auth.logout
 
 
-def logout(request):
-    close_admin_session(request)
-    dj_auth.logout(request)
+# Register signal for logout to make sure eventual admin session is closed
+def django_login_handler(sender, **kwargs):
+    request, user = kwargs['request'], kwargs['user']
+    try:
+        admin_namespace = request.admin_namespace
+    except AttributeError:
+        admin_namespace = False
+    if admin_namespace and user.is_staff:
+        start_admin_session(request, user)
+dj_auth.signals.user_logged_in.connect(django_login_handler)
 
 
-# Register signal for logout to make sure eventual admin session is closed
 def django_logout_handler(sender, **kwargs):
     close_admin_session(kwargs['request'])
 dj_auth.signals.user_logged_out.connect(django_logout_handler)

misago/admin/tests/test_admin_views.py

@@ -0,0 +1,52 @@
+from django.contrib.auth import get_user_model
+from django.core.urlresolvers import reverse
+from django.test import TestCase
+from misago.admin.testutils import admin_login
+
+
+class AdminIndexViewTests(TestCase):
+    def test_view_returns_200(self):
+        """admin index view returns 200"""
+        User = get_user_model()
+        User.objects.create_superuser('Bob', 'bob@test.com', 'Pass.123')
+        admin_login(self.client, 'Bob', 'Pass.123')
+
+        response = self.client.get(reverse('misago:admin:index'))
+
+        self.assertEqual(response.status_code, 200)
+        self.assertIn('Bob', response.content)
+
+
+class AdminLoginViewTests(TestCase):
+    def test_login_returns_200_on_get(self):
+        """unauthenticated request to admin index produces login form"""
+        response = self.client.get(reverse('misago:admin:index'))
+
+        self.assertEqual(response.status_code, 200)
+        self.assertIn('Sign in', response.content)
+        self.assertIn('Username or e-mail', response.content)
+        self.assertIn('Password', response.content)
+
+    def test_login_returns_200_on_invalid_post(self):
+        """form handles invalid data gracefully"""
+        response = self.client.post(
+            reverse('misago:admin:index'),
+            data={'username': 'Nope', 'password': 'Nope'})
+
+        self.assertEqual(response.status_code, 200)
+        self.assertIn('Your login or password is incorrect.', response.content)
+        self.assertIn('Sign in', response.content)
+        self.assertIn('Username or e-mail', response.content)
+        self.assertIn('Password', response.content)
+
+    def test_login_returns_200_on_valid_post(self):
+        """form handles valid data correctly"""
+        User = get_user_model()
+        User.objects.create_superuser('Bob', 'bob@test.com', 'Pass.123')
+
+        response = self.client.post(
+            reverse('misago:admin:index'),
+            data={'username': 'Bob', 'password': 'Pass.123'})
+
+        self.assertEqual(response.status_code, 302)
+

misago/admin/testutils.py

@@ -0,0 +1,6 @@
+from django.core.urlresolvers import reverse
+
+
+def admin_login(client, username, password):
+    client.post(reverse('misago:admin:index'),
+                data={'username': username, 'password': password})

misago/admin/views/__init__.py

@@ -5,7 +5,7 @@ from misago.admin import site
 
 def get_admin_namespace(requested_namespace):
     for namespace in settings.MISAGO_ADMIN_NAMESPACES:
-        if requested_namespace[:len(namespace)] == namespace:
+        if requested_namespace.startswith(namespace):
             return namespace
     else:
         return None