import re import django from django.contrib.auth import HASH_SESSION_KEY, get_user_model from django.contrib.sites.models import Site from django.core import mail from django.test import TestCase, override_settings from mock import patch from fakeldap import MockLDAP from allauth_cas.test.testcases import CASTestCase, CASViewTestCase from .adapter import deprecate_clippers from allauth.socialaccount.models import SocialAccount _mock_ldap = MockLDAP() ldap_patcher = patch('allauth_ens.adapter.ldap.initialize', lambda x: _mock_ldap) if django.VERSION >= (1, 10): from django.urls import reverse else: from django.core.urlresolvers import reverse User = get_user_model() def prevent_logout_pwd_change(client, user): """ Updating a user's password logs out all sessions for the user. By calling this function this behavior will be prevented. See this link, and the source code of `update_session_auth_hash`: https://docs.djangoproject.com/en/dev/topics/auth/default/#session-invalidation-on-password-change """ if hasattr(user, 'get_session_auth_hash'): session = client.session session[HASH_SESSION_KEY] = user.get_session_auth_hash() session.save() class ViewsTests(TestCase): """ Checks (barely) that templates do not contain errors. """ def setUp(self): self.u = User.objects.create_user('user', 'user@mail.net', 'user') Site.objects.filter(pk=1).update(domain='testserver') def _login(self, client=None): if client is None: client = self.client client.login(username='user', password='user') def _get_confirm_email_link(self, email_msg): m = re.search( r'http://testserver(/accounts/confirm-email/.*/)', email_msg.body, ) return m.group(1) def _get_reset_password_link(self, email_msg): m = re.search( r'http://testserver(/accounts/password/reset/key/.*/)', email_msg.body, ) return m.group(1) def test_account_signup(self): r = self.client.get(reverse('account_signup')) self.assertEqual(r.status_code, 200) @override_settings( ACCOUNT_ADAPTER='tests.adapter.ClosedSignupAccountAdapter', ) def test_account_closed_signup(self): r = self.client.get(reverse('account_signup')) self.assertEqual(r.status_code, 200) def test_account_login(self): r = self.client.get(reverse('account_login')) self.assertEqual(r.status_code, 200) def test_account_logout(self): self._login() r = self.client.get(reverse('account_logout')) self.assertEqual(r.status_code, 200) def test_account_change_password(self): self._login() r = self.client.get(reverse('account_change_password')) self.assertEqual(r.status_code, 200) def test_account_set_password(self): self._login() self.u.set_unusable_password() self.u.save() prevent_logout_pwd_change(self.client, self.u) r = self.client.get(reverse('account_set_password')) self.assertEqual(r.status_code, 200) def test_account_inactive(self): r = self.client.get(reverse('account_inactive')) self.assertEqual(r.status_code, 200) def test_account_email(self): self._login() r = self.client.get(reverse('account_email')) self.assertEqual(r.status_code, 200) def test_account_email_verification_sent(self): self._login() r = self.client.get(reverse('account_email_verification_sent')) self.assertEqual(r.status_code, 200) def test_account_confirm_email(self): self._login() self.client.post(reverse('account_email'), { 'action_add': '', 'email': 'test@mail.net', }) confirm_url = self._get_confirm_email_link(mail.outbox[0]) r = self.client.get(confirm_url) self.assertEqual(r.status_code, 200) def test_account_reset_password(self): r = self.client.get(reverse('account_reset_password')) self.assertEqual(r.status_code, 200) def test_account_reset_password_done(self): r = self.client.get(reverse('account_reset_password_done')) self.assertEqual(r.status_code, 200) def test_account_reset_password_from_key(self): self.client.post(reverse('account_reset_password'), { 'email': 'user@mail.net', }) reset_url = self._get_reset_password_link(mail.outbox[0]) r = self.client.get(reset_url, follow=True) self.assertEqual(r.status_code, 200) def test_account_reset_password_from_key_done(self): r = self.client.get(reverse('account_reset_password_from_key_done')) self.assertEqual(r.status_code, 200) @override_settings(SOCIALACCOUNT_ADAPTER='allauth_ens.adapter.LongTermClipperAccountAdapter') class LongTermClipperTests(CASTestCase): def setUp(self): ldap_patcher.start() def tearDown(self): _mock_ldap.reset() def _setup_ldap(self, promo=12, username="test"): import ldap _mock_ldap.directory['dc=spi,dc=ens,dc=fr']={ 'uid': [username], 'cn': ['John Smith'], 'mailRoutingAddress' : ['test@clipper.ens.fr'], 'homeDirectory': ["/users/%d/phy/test/" % promo], } def test_new_connexion(self): self._setup_ldap() r = self.client_cas_login(self.client, provider_id="clipper", username="test") u = r.context['user'] self.assertEqual(u.username, "test@12") self.assertEqual(u.first_name, "John") self.assertEqual(u.last_name, "Smith") self.assertEqual(u.email, "test@clipper.ens.fr") sa = list(SocialAccount.objects.all())[-1] self.assertEqual(sa.user.id, u.id) def test_connect_disconnect(self): self._setup_ldap() r0 = self.client_cas_login(self.client, provider_id="clipper", username="test") self.assertIn("_auth_user_id", self.client.session) self.assertIn('user', r0.context) r1 = self.client.logout() self.assertNotIn("_auth_user_id", self.client.session) def test_second_connexion(self): self._setup_ldap() self.client_cas_login(self.client, provider_id="clipper", username="test") self.client.logout() nu = User.objects.count() self.client_cas_login(self.client, provider_id="clipper", username="test") self.assertEqual(User.objects.count(), nu) def test_deprecation(self): self._setup_ldap() self.client_cas_login(self.client, provider_id="clipper", username="test") deprecate_clippers() sa = SocialAccount.objects.all()[0] self.assertEqual(sa.provider, "clipper_inactive") def test_reconnect_after_deprecation(self): self._setup_ldap() r = self.client_cas_login(self.client, provider_id="clipper", username="test") user0 = r.context['user'] n_sa0 = SocialAccount.objects.count() n_u0 = User.objects.count() self.client.logout() deprecate_clippers() r = self.client_cas_login(self.client, provider_id="clipper", username="test") user1 = r.context['user'] sa1 = list(SocialAccount.objects.all()) n_u1 = User.objects.count() self.assertEqual(len(sa1), n_sa0) self.assertEqual(n_u1, n_u0) self.assertEqual(user1.id, user0.id) def test_override_inactive_account(self): self._setup_ldap(12) r = self.client_cas_login(self.client, provider_id="clipper", username="test") user0 = r.context['user'] n_sa0 = SocialAccount.objects.count() n_u0 = User.objects.count() self.client.logout() deprecate_clippers() self._setup_ldap(13) r = self.client_cas_login(self.client, provider_id="clipper", username="test") user1 = r.context['user'] sa1 = list(SocialAccount.objects.all()) n_u1 = User.objects.count() self.assertEqual(len(sa1), n_sa0+1) self.assertEqual(n_u1, n_u0+1) self.assertNotEqual(user1.id, user0.id) def test_multiple_deprecation(self): self._setup_ldap(12) self._setup_ldap(15, "truc") r = self.client_cas_login(self.client, provider_id="clipper", username="test") self.client.logout() r = self.client_cas_login(self.client, provider_id="clipper", username="truc") self.client.logout() sa0 = SocialAccount.objects.count() deprecate_clippers() self._setup_ldap(13) r = self.client_cas_login(self.client, provider_id="clipper", username="test") self.client.logout() sa1 = SocialAccount.objects.count() deprecate_clippers() sa2 = SocialAccount.objects.count() # Older "test" inactive SocialAccount gets erased by new one # while "truc" remains self.assertEqual(sa0, sa2) self.assertEqual(sa1, sa0+1)