fix: use consistent password in CourseUpdateAuthzTest (#38228)

wgu-taylor-payne · web-flow · commit 6d0d9107de83 · 2026-03-27T12:33:55.000-06:00
diff --git a/cms/djangoapps/contentstore/views/tests/test_course_updates.py b/cms/djangoapps/contentstore/views/tests/test_course_updates.py
@@ -336,7 +336,7 @@ def create_update_url(self, provided_id=None):
 
     def setUp(self):
         super().setUp()
-        self.auditor_user = UserFactory()
+        self.auditor_user = UserFactory(password=self.password)
         self.add_user_to_role(self.auditor_user, COURSE_AUDITOR.external_key)
 
         self.staff_client = self._make_client_for_user(self.authorized_user)
@@ -345,7 +345,7 @@ def setUp(self):
 
     def _make_client_for_user(self, user):
         client = AjaxEnabledTestClient()
-        client.login(username=user.username, password='Password1234')
+        client.login(username=user.username, password=self.password)
         return client
 
     def _create_update(self, client):
@@ -417,25 +417,25 @@ def test_unauthorized_user_cannot_post(self):
     # -- Staff/superuser without authz role: access via enforcer admin check --
 
     def test_django_staff_without_role_can_get(self):
-        staff_user = UserFactory(is_staff=True)
+        staff_user = UserFactory(is_staff=True, password=self.password)
         client = self._make_client_for_user(staff_user)
         resp = client.get_json(self.create_update_url())
         self.assertEqual(resp.status_code, 200)
 
     def test_django_staff_without_role_can_post(self):
-        staff_user = UserFactory(is_staff=True)
+        staff_user = UserFactory(is_staff=True, password=self.password)
         client = self._make_client_for_user(staff_user)
         resp = self._create_update(client)
         self.assertEqual(resp.status_code, 200)
 
     def test_superuser_without_role_can_get(self):
-        superuser = UserFactory(is_superuser=True)
+        superuser = UserFactory(is_superuser=True, password=self.password)
         client = self._make_client_for_user(superuser)
         resp = client.get_json(self.create_update_url())
         self.assertEqual(resp.status_code, 200)
 
     def test_superuser_without_role_can_post(self):
-        superuser = UserFactory(is_superuser=True)
+        superuser = UserFactory(is_superuser=True, password=self.password)
         client = self._make_client_for_user(superuser)
         resp = self._create_update(client)
         self.assertEqual(resp.status_code, 200)
