From 0420839b20bbd0281a5e5d20e778d99a948c88ee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20P=C3=A9pin?= <martin.pepin@ens.fr>
Date: Sun, 12 Feb 2017 15:19:40 +0100
Subject: [PATCH] Test the authentication

- An "outsider" must use django's authentication backend
- A user with a login_clipper should use CAS
---
 gestion/tests.py | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/gestion/tests.py b/gestion/tests.py
index 96c80bf9..a237448d 100644
--- a/gestion/tests.py
+++ b/gestion/tests.py
@@ -70,3 +70,38 @@ class TestProfile(TestCase):
         c.login(username='root', password='root')
         response = c.get('/')
         self.assertEqual(response.status_code, 200)
+
+
+class AuthTest(TestCase):
+    def test_login(self):
+        client = Client()
+        # Setup a regular Django user
+        user = User.objects.create(username="foo")
+        user.set_password("bar")
+        user.save()
+        # Test the django auth
+        resp = client.post(
+            "/outsider/login",
+            {"username": "foo", "password": "bar"},
+            follow=True
+        )
+        self.assertEqual(resp.status_code, 200)
+        resp = client.get("/logout")
+        self.assertEqual(resp.status_code, 200)
+        # Give the user a clipper login
+        user.profile.login_clipper = "foo"
+        user.profile.save()
+        # Assert that it cannot use the regular auth
+        resp = client.post(
+            "/outsider/login",
+            {"username": "foo", "password": "bar"}
+        )
+        self.assertIn("error_type", resp.context)
+        self.assertEqual(resp.context["error_type"], "use_clipper_login")
+        # Test the CAS redirect
+        resp = client.get("/cas/login")
+        self.assertEqual(resp.status_code, 302)
+        self.assertEqual(
+            resp.url.split('?')[0],
+            "https://cas.eleves.ens.fr/login"
+        )