251 lines
8.2 KiB
Python
251 lines
8.2 KiB
Python
import re
|
|
|
|
import django
|
|
from django.contrib.auth import HASH_SESSION_KEY, get_user_model
|
|
from django.contrib.sites.models import Site
|
|
from django.core import mail
|
|
from django.test import TestCase, override_settings
|
|
|
|
from mock import patch
|
|
from fakeldap import MockLDAP
|
|
|
|
|
|
from allauth_cas.test.testcases import CASTestCase, CASViewTestCase
|
|
from .adapter import deprecate_clippers
|
|
from allauth.socialaccount.models import SocialAccount
|
|
|
|
_mock_ldap = MockLDAP()
|
|
ldap_patcher = patch('allauth_ens.adapter.ldap.initialize', lambda x: _mock_ldap)
|
|
|
|
if django.VERSION >= (1, 10):
|
|
from django.urls import reverse
|
|
else:
|
|
from django.core.urlresolvers import reverse
|
|
|
|
User = get_user_model()
|
|
|
|
|
|
def prevent_logout_pwd_change(client, user):
|
|
"""
|
|
Updating a user's password logs out all sessions for the user.
|
|
By calling this function this behavior will be prevented.
|
|
|
|
See this link, and the source code of `update_session_auth_hash`:
|
|
https://docs.djangoproject.com/en/dev/topics/auth/default/#session-invalidation-on-password-change
|
|
"""
|
|
if hasattr(user, 'get_session_auth_hash'):
|
|
session = client.session
|
|
session[HASH_SESSION_KEY] = user.get_session_auth_hash()
|
|
session.save()
|
|
|
|
"""
|
|
class ViewsTests(TestCase):
|
|
""
|
|
Checks (barely) that templates do not contain errors.
|
|
""
|
|
def setUp(self):
|
|
self.u = User.objects.create_user('user', 'user@mail.net', 'user')
|
|
|
|
Site.objects.filter(pk=1).update(domain='testserver')
|
|
|
|
def _login(self, client=None):
|
|
if client is None:
|
|
client = self.client
|
|
client.login(username='user', password='user')
|
|
|
|
def _get_confirm_email_link(self, email_msg):
|
|
m = re.search(
|
|
r'http://testserver(/accounts/confirm-email/.*/)',
|
|
email_msg.body,
|
|
)
|
|
return m.group(1)
|
|
|
|
def _get_reset_password_link(self, email_msg):
|
|
m = re.search(
|
|
r'http://testserver(/accounts/password/reset/key/.*/)',
|
|
email_msg.body,
|
|
)
|
|
return m.group(1)
|
|
|
|
def test_account_signup(self):
|
|
r = self.client.get(reverse('account_signup'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
@override_settings(
|
|
ACCOUNT_ADAPTER='tests.adapter.ClosedSignupAccountAdapter',
|
|
)
|
|
def test_account_closed_signup(self):
|
|
r = self.client.get(reverse('account_signup'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_login(self):
|
|
r = self.client.get(reverse('account_login'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_logout(self):
|
|
self._login()
|
|
r = self.client.get(reverse('account_logout'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_change_password(self):
|
|
self._login()
|
|
r = self.client.get(reverse('account_change_password'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_set_password(self):
|
|
self._login()
|
|
self.u.set_unusable_password()
|
|
self.u.save()
|
|
prevent_logout_pwd_change(self.client, self.u)
|
|
|
|
r = self.client.get(reverse('account_set_password'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_inactive(self):
|
|
r = self.client.get(reverse('account_inactive'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_email(self):
|
|
self._login()
|
|
r = self.client.get(reverse('account_email'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_email_verification_sent(self):
|
|
self._login()
|
|
r = self.client.get(reverse('account_email_verification_sent'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_confirm_email(self):
|
|
self._login()
|
|
self.client.post(reverse('account_email'), {
|
|
'action_add': '',
|
|
'email': 'test@mail.net',
|
|
})
|
|
confirm_url = self._get_confirm_email_link(mail.outbox[0])
|
|
|
|
r = self.client.get(confirm_url)
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_reset_password(self):
|
|
r = self.client.get(reverse('account_reset_password'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_reset_password_done(self):
|
|
r = self.client.get(reverse('account_reset_password_done'))
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_reset_password_from_key(self):
|
|
self.client.post(reverse('account_reset_password'), {
|
|
'email': 'user@mail.net',
|
|
})
|
|
reset_url = self._get_reset_password_link(mail.outbox[0])
|
|
|
|
r = self.client.get(reset_url, follow=True)
|
|
self.assertEqual(r.status_code, 200)
|
|
|
|
def test_account_reset_password_from_key_done(self):
|
|
r = self.client.get(reverse('account_reset_password_from_key_done'))
|
|
self.assertEqual(r.status_code, 200)
|
|
"""
|
|
|
|
class LongTermClipperTests(CASTestCase):
|
|
|
|
def setUp(self):
|
|
ldap_patcher.start()
|
|
|
|
def tearDown(self):
|
|
_mock_ldap.reset()
|
|
|
|
def _setup_ldap(self, promo=12):
|
|
import ldap
|
|
_mock_ldap.directory['dc=spi,dc=ens,dc=fr']={
|
|
'uid': ['test'],
|
|
'cn': ['John Smith'],
|
|
'mailRoutingAddress' : ['test@clipper.ens.fr'],
|
|
'homeDirectory': ["/users/%d/phy/test/" % promo],
|
|
}
|
|
|
|
|
|
def test_new_connexion(self):
|
|
self._setup_ldap()
|
|
|
|
r = self.client_cas_login(self.client, provider_id="clipper", username="test")
|
|
u = r.context['user']
|
|
|
|
self.assertEqual(u.username, "test@12")
|
|
self.assertEqual(u.first_name, "John")
|
|
self.assertEqual(u.last_name, "Smith")
|
|
self.assertEqual(u.email, "test@clipper.ens.fr")
|
|
|
|
sa = list(SocialAccount.objects.all())[-1]
|
|
self.assertEqual(sa.user.id, u.id)
|
|
|
|
def test_connect_disconnect(self):
|
|
self._setup_ldap()
|
|
r0 = self.client_cas_login(self.client, provider_id="clipper", username="test")
|
|
self.assertIn("_auth_user_id", self.client.session)
|
|
self.assertIn('user', r0.context)
|
|
|
|
r1 = self.client.logout()
|
|
self.assertNotIn("_auth_user_id", self.client.session)
|
|
|
|
def test_second_connexion(self):
|
|
self._setup_ldap()
|
|
|
|
self.client_cas_login(self.client, provider_id="clipper", username="test")
|
|
self.client.logout()
|
|
|
|
nu = User.objects.count()
|
|
|
|
self.client_cas_login(self.client, provider_id="clipper", username="test")
|
|
self.assertEqual(User.objects.count(), nu)
|
|
|
|
def test_deprecation(self):
|
|
self._setup_ldap()
|
|
self.client_cas_login(self.client, provider_id="clipper", username="test")
|
|
deprecate_clippers()
|
|
|
|
sa = SocialAccount.objects.all()[0]
|
|
self.assertEqual(sa.provider, "clipper_inactive")
|
|
|
|
def test_reconnect_after_deprecation(self):
|
|
self._setup_ldap()
|
|
r = self.client_cas_login(self.client, provider_id="clipper",
|
|
username="test")
|
|
user0 = r.context['user']
|
|
n_sa0 = SocialAccount.objects.count()
|
|
n_u0 = User.objects.count()
|
|
self.client.logout()
|
|
|
|
deprecate_clippers()
|
|
|
|
r = self.client_cas_login(self.client, provider_id="clipper",
|
|
username="test")
|
|
user1 = r.context['user']
|
|
sa1 = list(SocialAccount.objects.all())
|
|
n_u1 = User.objects.count()
|
|
self.assertEqual(len(sa1), n_sa0)
|
|
self.assertEqual(n_u1, n_u0)
|
|
self.assertEqual(user1.id, user0.id)
|
|
|
|
def test_override_inactive_account(self):
|
|
self._setup_ldap(12)
|
|
r = self.client_cas_login(self.client, provider_id="clipper",
|
|
username="test")
|
|
user0 = r.context['user']
|
|
n_sa0 = SocialAccount.objects.count()
|
|
n_u0 = User.objects.count()
|
|
self.client.logout()
|
|
|
|
deprecate_clippers()
|
|
|
|
self._setup_ldap(13)
|
|
r = self.client_cas_login(self.client, provider_id="clipper",
|
|
username="test")
|
|
|
|
user1 = r.context['user']
|
|
sa1 = list(SocialAccount.objects.all())
|
|
n_u1 = User.objects.count()
|
|
self.assertEqual(len(sa1), n_sa0+1)
|
|
self.assertEqual(n_u1, n_u0+1)
|
|
self.assertNotEqual(user1.id, user0.id)
|