test: extract TEST_PASSWORD constant in test_views.py

marcinpsk · marcinpsk · commit 79a5e4f92c8d · 2026-03-05T10:49:19.000+01:00
diff --git a/netbox_interface_name_rules/tests/test_views.py b/netbox_interface_name_rules/tests/test_views.py
@@ -13,6 +13,8 @@
 
 User = get_user_model()
 
+TEST_PASSWORD = "testpass123"  # noqa: S105 - test credential only
+
 
 class ViewTestBase(TestCase):
     """Base class that creates a superuser and logs in."""
@@ -22,7 +24,7 @@ def setUpTestData(cls):
         """Create superuser and basic InterfaceNameRule for view tests."""
         cls.superuser = User.objects.create_superuser(
             username="viewtestuser",
-            password="testpass123",
+            password=TEST_PASSWORD,
             email="viewtest@example.com",
         )
         manufacturer = Manufacturer.objects.create(name="ViewMfg", slug="viewmfg")
@@ -47,7 +49,7 @@ def setUpTestData(cls):
 
     def setUp(self):
         """Log in the superuser before each test."""
-        self.client.login(username="viewtestuser", password="testpass123")
+        self.client.login(username="viewtestuser", password=TEST_PASSWORD)
 
 
 class RuleListViewTest(ViewTestBase):
@@ -129,8 +131,8 @@ def test_toggle_ajax_returns_json(self):
     def test_toggle_ajax_no_permission_returns_403(self):
         """Authenticated user without change permission gets 403 on AJAX toggle."""
         # Create a regular user without permissions
-        User.objects.create_user(username="noperm_user", password="testpass123")
-        self.client.login(username="noperm_user", password="testpass123")
+        User.objects.create_user(username="noperm_user", password=TEST_PASSWORD)
+        self.client.login(username="noperm_user", password=TEST_PASSWORD)
         url = self._toggle_url(self.rule.pk)
         response = self.client.post(url, HTTP_X_REQUESTED_WITH="XMLHttpRequest")
         self.assertEqual(response.status_code, 403)
@@ -342,7 +344,7 @@ class ViewTestBase2(TestCase):
     def setUpTestData(cls):
         cls.superuser = User.objects.create_superuser(
             username="covextrauser",
-            password="testpass123",
+            password=TEST_PASSWORD,
             email="covextra@example.com",
         )
         manufacturer = Manufacturer.objects.create(name="CovXMfg", slug="covxmfg")
@@ -359,7 +361,7 @@ def setUpTestData(cls):
         )
 
     def setUp(self):
-        self.client.login(username="covextrauser", password="testpass123")
+        self.client.login(username="covextrauser", password=TEST_PASSWORD)
 
 
 class RuleTestViewGetWithRuleIdTest(ViewTestBase2):
@@ -426,8 +428,8 @@ def test_post_background_action_enqueues_job(self):
 
     def test_post_no_change_permission_raises_forbidden(self):
         """POST apply without dcim.change_interface permission raises PermissionDenied (line 382-383)."""
-        User.objects.create_user(username="noperm_apply_user", password="testpass123")
-        self.client.login(username="noperm_apply_user", password="testpass123")
+        User.objects.create_user(username="noperm_apply_user", password=TEST_PASSWORD)
+        self.client.login(username="noperm_apply_user", password=TEST_PASSWORD)
         url = self._url(self.rule.pk)
         response = self.client.post(url, {"action": "apply"})
         self.assertEqual(response.status_code, 403)
@@ -449,8 +451,8 @@ def test_toggle_non_ajax_no_permission_raises_403(self):
         raises PermissionDenied when the user lacks change_interfacenamerule, which
         Django converts to a 403 response.
         """
-        User.objects.create_user(username="noperm_tog_user2", password="testpass123")
-        self.client.login(username="noperm_tog_user2", password="testpass123")
+        User.objects.create_user(username="noperm_tog_user2", password=TEST_PASSWORD)
+        self.client.login(username="noperm_tog_user2", password=TEST_PASSWORD)
         url = self._toggle_url(self.rule.pk)
         response = self.client.post(url)
         self.assertEqual(response.status_code, 403)
