Revision e7cb4085 snf-astakos-app/astakos/im/tests.py
| b/snf-astakos-app/astakos/im/tests.py | ||
|---|---|---|
| 38 | 38 |
|
| 39 | 39 |
from snf_django.utils.testing import with_settings, override_settings |
| 40 | 40 |
|
| 41 |
from django.test import TestCase, Client |
|
| 41 |
from django.test import Client |
|
| 42 |
from django.test import TransactionTestCase as TestCase |
|
| 42 | 43 |
from django.core import mail |
| 43 | 44 |
from django.http import SimpleCookie, HttpRequest, QueryDict |
| 44 | 45 |
from django.utils.importlib import import_module |
| ... | ... | |
| 50 | 51 |
from astakos.im import functions |
| 51 | 52 |
from astakos.im import settings as astakos_settings |
| 52 | 53 |
from astakos.im import forms |
| 54 |
from astakos.im import activation_backends |
|
| 53 | 55 |
|
| 54 | 56 |
from urllib import quote |
| 55 | 57 |
from datetime import timedelta |
| ... | ... | |
| 154 | 156 |
user_params.update(kwargs) |
| 155 | 157 |
user = AstakosUser(**user_params) |
| 156 | 158 |
user.set_password(kwargs.get('password', 'password'))
|
| 159 |
user.renew_verification_code() |
|
| 157 | 160 |
user.save() |
| 158 | 161 |
user.add_auth_provider('local', auth_backend='astakos')
|
| 159 | 162 |
if kwargs.get('is_active', True):
|
| ... | ... | |
| 206 | 209 |
astakos_settings.SHIBBOLETH_REQUIRE_NAME_INFO = False |
| 207 | 210 |
|
| 208 | 211 |
# shibboleth logged us in |
| 209 |
client.set_tokens(mail="kpap@grnet.gr", eppn="kpapeppn",
|
|
| 212 |
client.set_tokens(mail="kpap@synnefo.org", eppn="kpapeppn",
|
|
| 210 | 213 |
cn="Kostas Papadimitriou", |
| 211 | 214 |
ep_affiliation="Test Affiliation") |
| 212 | 215 |
r = client.get('/im/login/shibboleth?', follow=True)
|
| ... | ... | |
| 252 | 255 |
existing_user.delete() |
| 253 | 256 |
|
| 254 | 257 |
# and finally a valid signup |
| 255 |
post_data['email'] = 'kpap@grnet.gr'
|
|
| 258 |
post_data['email'] = 'kpap@synnefo.org'
|
|
| 256 | 259 |
r = client.post(signup_url, post_data, follow=True) |
| 257 |
self.assertContains(r, messages.NOTIFICATION_SENT)
|
|
| 260 |
self.assertContains(r, messages.VERIFICATION_SENT)
|
|
| 258 | 261 |
|
| 259 |
# everything is ok in our db
|
|
| 262 |
# entires commited as expected
|
|
| 260 | 263 |
self.assertEqual(AstakosUser.objects.count(), 1) |
| 261 | 264 |
self.assertEqual(AstakosUserAuthProvider.objects.count(), 1) |
| 262 | 265 |
self.assertEqual(PendingThirdPartyUser.objects.count(), 0) |
| ... | ... | |
| 264 | 267 |
# provider info stored |
| 265 | 268 |
provider = AstakosUserAuthProvider.objects.get(module="shibboleth") |
| 266 | 269 |
self.assertEqual(provider.affiliation, 'Test Affiliation') |
| 267 |
self.assertEqual(provider.info, {u'email': u'kpap@grnet.gr',
|
|
| 270 |
self.assertEqual(provider.info, {u'email': u'kpap@synnefo.org',
|
|
| 268 | 271 |
u'eppn': u'kpapeppn', |
| 269 | 272 |
u'name': u'Kostas Papadimitriou'}) |
| 270 | 273 |
|
| 271 |
# lets login (not activated yet)
|
|
| 272 |
client.set_tokens(mail="kpap@grnet.gr", eppn="kpapeppn",
|
|
| 274 |
# login (not activated yet) |
|
| 275 |
client.set_tokens(mail="kpap@synnefo.org", eppn="kpapeppn",
|
|
| 273 | 276 |
cn="Kostas Papadimitriou", ) |
| 274 | 277 |
r = client.get("/im/login/shibboleth?", follow=True)
|
| 275 | 278 |
self.assertContains(r, 'is pending moderation') |
| 276 | 279 |
|
| 277 |
# admin activates our user |
|
| 278 |
u = AstakosUser.objects.get(username="kpap@grnet.gr") |
|
| 279 |
functions.activate(u) |
|
| 280 |
# admin activates the user |
|
| 281 |
u = AstakosUser.objects.get(username="kpap@synnefo.org") |
|
| 282 |
backend = activation_backends.get_backend() |
|
| 283 |
activation_result = backend.verify_user(u, u.verification_code) |
|
| 284 |
activation_result = backend.accept_user(u) |
|
| 285 |
self.assertFalse(activation_result.is_error()) |
|
| 286 |
backend.send_result_notifications(activation_result, u) |
|
| 280 | 287 |
self.assertEqual(u.is_active, True) |
| 281 | 288 |
|
| 282 | 289 |
# we see our profile |
| ... | ... | |
| 290 | 297 |
""" |
| 291 | 298 |
|
| 292 | 299 |
# this is our existing user |
| 293 |
existing_user = get_local_user('kpap@grnet.gr')
|
|
| 294 |
existing_inactive = get_local_user('kpap-inactive@grnet.gr')
|
|
| 300 |
existing_user = get_local_user('kpap@synnefo.org')
|
|
| 301 |
existing_inactive = get_local_user('kpap-inactive@synnefo.org')
|
|
| 295 | 302 |
existing_inactive.is_active = False |
| 296 | 303 |
existing_inactive.save() |
| 297 | 304 |
|
| 298 |
existing_unverified = get_local_user('kpap-unverified@grnet.gr')
|
|
| 305 |
existing_unverified = get_local_user('kpap-unverified@synnefo.org')
|
|
| 299 | 306 |
existing_unverified.is_active = False |
| 300 | 307 |
existing_unverified.activation_sent = None |
| 301 | 308 |
existing_unverified.email_verified = False |
| ... | ... | |
| 316 | 323 |
client.reset_tokens() |
| 317 | 324 |
self.assertRedirects(r, "/im/signup?third_party_token=%s" % token) |
| 318 | 325 |
|
| 319 |
form = r.context['login_form']
|
|
| 326 |
form = r.context['form'] |
|
| 320 | 327 |
signupdata = copy.copy(form.initial) |
| 321 |
signupdata['email'] = 'kpap@grnet.gr'
|
|
| 328 |
signupdata['email'] = 'kpap@synnefo.org'
|
|
| 322 | 329 |
signupdata['third_party_token'] = token |
| 323 | 330 |
signupdata['provider'] = 'shibboleth' |
| 324 | 331 |
signupdata.pop('id', None)
|
| ... | ... | |
| 328 | 335 |
self.assertContains(r, "There is already an account with this email " |
| 329 | 336 |
"address") |
| 330 | 337 |
# change the case, still cannot create |
| 331 |
signupdata['email'] = 'KPAP@grnet.GR'
|
|
| 338 |
signupdata['email'] = 'KPAP@synnefo.org'
|
|
| 332 | 339 |
r = client.post("/im/signup", signupdata)
|
| 333 | 340 |
self.assertContains(r, "There is already an account with this email " |
| 334 | 341 |
"address") |
| 335 | 342 |
# inactive user |
| 336 |
signupdata['email'] = 'KPAP-inactive@grnet.GR'
|
|
| 343 |
signupdata['email'] = 'KPAP-inactive@synnefo.org'
|
|
| 337 | 344 |
r = client.post("/im/signup", signupdata)
|
| 338 | 345 |
self.assertContains(r, "There is already an account with this email " |
| 339 | 346 |
"address") |
| 340 | 347 |
|
| 341 | 348 |
# unverified user, this should pass, old entry will be deleted |
| 342 |
signupdata['email'] = 'KAPAP-unverified@grnet.GR'
|
|
| 349 |
signupdata['email'] = 'KAPAP-unverified@synnefo.org'
|
|
| 343 | 350 |
r = client.post("/im/signup", signupdata)
|
| 344 | 351 |
|
| 345 | 352 |
post_data = {'password': 'password',
|
| 346 |
'username': 'kpap@grnet.gr'}
|
|
| 353 |
'username': 'kpap@synnefo.org'}
|
|
| 347 | 354 |
r = client.post('/im/local', post_data, follow=True)
|
| 348 | 355 |
self.assertTrue(r.context['request'].user.is_authenticated()) |
| 349 | 356 |
client.set_tokens(mail="kpap@shibboleth.gr", eppn="kpapeppn", |
| ... | ... | |
| 363 | 370 |
cn="Kostas Papadimitriou") |
| 364 | 371 |
r = client.get("/im/login/shibboleth?", follow=True)
|
| 365 | 372 |
self.assertTrue(r.context['request'].user.is_authenticated()) |
| 366 |
self.assertTrue(r.context['request'].user.email == "kpap@grnet.gr")
|
|
| 373 |
self.assertTrue(r.context['request'].user.email == "kpap@synnefo.org")
|
|
| 367 | 374 |
self.assertRedirects(r, '/im/landing') |
| 368 | 375 |
self.assertEqual(r.status_code, 200) |
| 369 | 376 |
client.logout() |
| ... | ... | |
| 375 | 382 |
|
| 376 | 383 |
# login with local account also works |
| 377 | 384 |
post_data = {'password': 'password',
|
| 378 |
'username': 'kpap@grnet.gr'}
|
|
| 385 |
'username': 'kpap@synnefo.org'}
|
|
| 379 | 386 |
r = self.client.post('/im/local', post_data, follow=True)
|
| 380 | 387 |
self.assertTrue(r.context['request'].user.is_authenticated()) |
| 381 |
self.assertTrue(r.context['request'].user.email == "kpap@grnet.gr")
|
|
| 388 |
self.assertTrue(r.context['request'].user.email == "kpap@synnefo.org")
|
|
| 382 | 389 |
self.assertRedirects(r, '/im/landing') |
| 383 | 390 |
self.assertEqual(r.status_code, 200) |
| 384 | 391 |
|
| ... | ... | |
| 403 | 410 |
client.reset_tokens() |
| 404 | 411 |
|
| 405 | 412 |
# cannot login with another eppn |
| 406 |
client.set_tokens(mail="kpap@grnet.gr", eppn="kpapeppninvalid",
|
|
| 413 |
client.set_tokens(mail="kpap@synnefo.org", eppn="kpapeppninvalid",
|
|
| 407 | 414 |
cn="Kostas Papadimitriou") |
| 408 | 415 |
r = client.get("/im/login/shibboleth?", follow=True)
|
| 409 | 416 |
self.assertFalse(r.context['request'].user.is_authenticated()) |
| ... | ... | |
| 411 | 418 |
# cannot |
| 412 | 419 |
|
| 413 | 420 |
# lets remove local password |
| 414 |
user = AstakosUser.objects.get(username="kpap@grnet.gr",
|
|
| 415 |
email="kpap@grnet.gr")
|
|
| 421 |
user = AstakosUser.objects.get(username="kpap@synnefo.org",
|
|
| 422 |
email="kpap@synnefo.org")
|
|
| 416 | 423 |
remove_local_url = user.get_auth_provider('local').get_remove_url
|
| 417 | 424 |
remove_shibbo_url = user.get_auth_provider('shibboleth',
|
| 418 | 425 |
'kpapeppn').get_remove_url |
| ... | ... | |
| 432 | 439 |
|
| 433 | 440 |
# cannot login using local credentials (notice we use another client) |
| 434 | 441 |
post_data = {'password': 'password',
|
| 435 |
'username': 'kpap@grnet.gr'}
|
|
| 442 |
'username': 'kpap@synnefo.org'}
|
|
| 436 | 443 |
r = self.client.post('/im/local', post_data, follow=True)
|
| 437 | 444 |
self.assertFalse(r.context['request'].user.is_authenticated()) |
| 438 | 445 |
|
| ... | ... | |
| 450 | 457 |
|
| 451 | 458 |
# now we can login |
| 452 | 459 |
post_data = {'password': '111',
|
| 453 |
'username': 'kpap@grnet.gr'}
|
|
| 460 |
'username': 'kpap@synnefo.org'}
|
|
| 454 | 461 |
r = self.client.post('/im/local', post_data, follow=True)
|
| 455 | 462 |
self.assertTrue(r.context['request'].user.is_authenticated()) |
| 456 | 463 |
|
| 457 | 464 |
client.reset_tokens() |
| 458 | 465 |
|
| 459 | 466 |
# we cannot take over another shibboleth identifier |
| 460 |
user2 = get_local_user('another@grnet.gr')
|
|
| 467 |
user2 = get_local_user('another@synnefo.org')
|
|
| 461 | 468 |
user2.add_auth_provider('shibboleth', identifier='existingeppn')
|
| 462 | 469 |
# login |
| 463 | 470 |
client.set_tokens(mail="kpap@shibboleth.gr", eppn="kpapeppn", |
| ... | ... | |
| 475 | 482 |
fixtures = ['groups'] |
| 476 | 483 |
|
| 477 | 484 |
def setUp(self): |
| 478 |
settings.ADMINS = (('admin', 'support@cloud.grnet.gr'),)
|
|
| 479 |
settings.SERVER_EMAIL = 'no-reply@grnet.gr'
|
|
| 485 |
settings.ADMINS = (('admin', 'support@cloud.synnefo.org'),)
|
|
| 486 |
settings.SERVER_EMAIL = 'no-reply@synnefo.org'
|
|
| 480 | 487 |
self._orig_moderation = astakos_settings.MODERATION_ENABLED |
| 481 | 488 |
settings.ASTAKOS_MODERATION_ENABLED = True |
| 482 | 489 |
|
| ... | ... | |
| 490 | 497 |
# create a new user |
| 491 | 498 |
r = self.client.get("/im/signup")
|
| 492 | 499 |
self.assertEqual(r.status_code, 200) |
| 493 |
data = {'email': 'kpap@grnet.gr', 'password1': 'password',
|
|
| 500 |
data = {'email': 'kpap@synnefo.org', 'password1': 'password',
|
|
| 494 | 501 |
'password2': 'password', 'first_name': 'Kostas', |
| 495 | 502 |
'last_name': 'Mitroglou', 'provider': 'local'} |
| 496 | 503 |
r = self.client.post("/im/signup", data)
|
| 497 | 504 |
|
| 498 | 505 |
# user created |
| 499 | 506 |
self.assertEqual(AstakosUser.objects.count(), 1) |
| 500 |
user = AstakosUser.objects.get(username="kpap@grnet.gr",
|
|
| 501 |
email="kpap@grnet.gr")
|
|
| 502 |
self.assertEqual(user.username, 'kpap@grnet.gr')
|
|
| 507 |
user = AstakosUser.objects.get(username="kpap@synnefo.org",
|
|
| 508 |
email="kpap@synnefo.org")
|
|
| 509 |
self.assertEqual(user.username, 'kpap@synnefo.org')
|
|
| 503 | 510 |
self.assertEqual(user.has_auth_provider('local'), True)
|
| 504 | 511 |
self.assertFalse(user.is_active) |
| 505 | 512 |
|
| 506 | 513 |
# user (but not admin) gets notified |
| 507 |
self.assertEqual(len(get_mailbox('support@cloud.grnet.gr')), 0)
|
|
| 508 |
self.assertEqual(len(get_mailbox('kpap@grnet.gr')), 1)
|
|
| 514 |
self.assertEqual(len(get_mailbox('support@cloud.synnefo.org')), 0)
|
|
| 515 |
self.assertEqual(len(get_mailbox('kpap@synnefo.org')), 1)
|
|
| 509 | 516 |
astakos_settings.MODERATION_ENABLED = True |
| 510 | 517 |
|
| 511 | 518 |
def test_email_case(self): |
| 512 | 519 |
data = {
|
| 513 |
'email': 'kPap@grnet.gr',
|
|
| 520 |
'email': 'kPap@synnefo.org',
|
|
| 514 | 521 |
'password1': '1234', |
| 515 | 522 |
'password2': '1234' |
| 516 | 523 |
} |
| ... | ... | |
| 521 | 528 |
form.store_user(user, {})
|
| 522 | 529 |
|
| 523 | 530 |
u = AstakosUser.objects.get() |
| 524 |
self.assertEqual(u.email, 'kPap@grnet.gr')
|
|
| 525 |
self.assertEqual(u.username, 'kpap@grnet.gr')
|
|
| 531 |
self.assertEqual(u.email, 'kPap@synnefo.org')
|
|
| 532 |
self.assertEqual(u.username, 'kpap@synnefo.org')
|
|
| 526 | 533 |
u.is_active = True |
| 527 | 534 |
u.email_verified = True |
| 528 | 535 |
u.save() |
| 529 | 536 |
|
| 530 |
data = {'username': 'kpap@grnet.gr', 'password': '1234'}
|
|
| 537 |
data = {'username': 'kpap@synnefo.org', 'password': '1234'}
|
|
| 531 | 538 |
login = forms.LoginForm(data=data) |
| 532 | 539 |
self.assertTrue(login.is_valid()) |
| 533 | 540 |
|
| 534 |
data = {'username': 'KpaP@grnet.gr', 'password': '1234'}
|
|
| 541 |
data = {'username': 'KpaP@synnefo.org', 'password': '1234'}
|
|
| 535 | 542 |
login = forms.LoginForm(data=data) |
| 536 | 543 |
self.assertTrue(login.is_valid()) |
| 537 | 544 |
|
| 538 | 545 |
data = {
|
| 539 |
'email': 'kpap@grnet.gr',
|
|
| 546 |
'email': 'kpap@synnefo.org',
|
|
| 540 | 547 |
'password1': '1234', |
| 541 | 548 |
'password2': '1234' |
| 542 | 549 |
} |
| ... | ... | |
| 544 | 551 |
self.assertFalse(form.is_valid()) |
| 545 | 552 |
|
| 546 | 553 |
@im_settings(HELPDESK=(('support', 'support@synnefo.org'),),
|
| 547 |
FORCE_PROFILE_UPDATE=False) |
|
| 554 |
FORCE_PROFILE_UPDATE=False, MODERATION_ENABLED=True)
|
|
| 548 | 555 |
def test_local_provider(self): |
| 549 | 556 |
self.helpdesk_email = astakos_settings.HELPDESK[0][1] |
| 550 |
# enable moderation |
|
| 551 |
astakos_settings.MODERATION_ENABLED = True |
|
| 552 | 557 |
|
| 553 | 558 |
# create a user |
| 554 | 559 |
r = self.client.get("/im/signup")
|
| 555 | 560 |
self.assertEqual(r.status_code, 200) |
| 556 |
data = {'email': 'kpap@grnet.gr', 'password1': 'password',
|
|
| 561 |
data = {'email': 'kpap@synnefo.org', 'password1': 'password',
|
|
| 557 | 562 |
'password2': 'password', 'first_name': 'Kostas', |
| 558 | 563 |
'last_name': 'Mitroglou', 'provider': 'local'} |
| 559 | 564 |
r = self.client.post("/im/signup", data)
|
| 560 | 565 |
|
| 561 | 566 |
# user created |
| 562 | 567 |
self.assertEqual(AstakosUser.objects.count(), 1) |
| 563 |
user = AstakosUser.objects.get(username="kpap@grnet.gr",
|
|
| 564 |
email="kpap@grnet.gr")
|
|
| 565 |
self.assertEqual(user.username, 'kpap@grnet.gr')
|
|
| 568 |
user = AstakosUser.objects.get(username="kpap@synnefo.org",
|
|
| 569 |
email="kpap@synnefo.org")
|
|
| 570 |
self.assertEqual(user.username, 'kpap@synnefo.org')
|
|
| 566 | 571 |
self.assertEqual(user.has_auth_provider('local'), True)
|
| 567 | 572 |
self.assertFalse(user.is_active) # not activated |
| 568 | 573 |
self.assertFalse(user.email_verified) # not verified |
| 569 |
self.assertFalse(user.activation_sent) # activation automatically sent |
|
| 574 |
self.assertTrue(user.activation_sent) # activation automatically sent |
|
| 575 |
self.assertFalse(user.moderated) |
|
| 576 |
self.assertFalse(user.email_verified) |
|
| 570 | 577 |
|
| 571 | 578 |
# admin gets notified and activates the user from the command line |
| 572 |
self.assertEqual(len(get_mailbox(self.helpdesk_email)), 1) |
|
| 573 |
r = self.client.post('/im/local', {'username': 'kpap@grnet.gr',
|
|
| 574 |
'password': 'password'}) |
|
| 575 |
self.assertContains(r, messages.NOTIFICATION_SENT) |
|
| 576 |
functions.send_activation(user) |
|
| 579 |
self.assertEqual(len(get_mailbox('kpap@synnefo.org')), 1)
|
|
| 580 |
r = self.client.post('/im/local', {'username': 'kpap@synnefo.org',
|
|
| 581 |
'password': 'password'}, |
|
| 582 |
follow=True) |
|
| 583 |
self.assertContains(r, messages.VERIFICATION_SENT) |
|
| 584 |
backend = activation_backends.get_backend() |
|
| 585 |
|
|
| 586 |
user = AstakosUser.objects.get(username="kpap@synnefo.org") |
|
| 587 |
backend.send_user_verification_email(user) |
|
| 577 | 588 |
|
| 578 | 589 |
# user activation fields updated and user gets notified via email |
| 579 | 590 |
user = AstakosUser.objects.get(pk=user.pk) |
| 580 | 591 |
self.assertTrue(user.activation_sent) |
| 581 | 592 |
self.assertFalse(user.email_verified) |
| 582 | 593 |
self.assertFalse(user.is_active) |
| 583 |
self.assertEqual(len(get_mailbox('kpap@grnet.gr')), 1)
|
|
| 594 |
self.assertEqual(len(get_mailbox('kpap@synnefo.org')), 2)
|
|
| 584 | 595 |
|
| 585 | 596 |
# user forgot she got registered and tries to submit registration |
| 586 | 597 |
# form. Notice the upper case in email |
| 587 |
data = {'email': 'KPAP@grnet.gr', 'password1': 'password',
|
|
| 598 |
data = {'email': 'KPAP@synnefo.org', 'password1': 'password',
|
|
| 588 | 599 |
'password2': 'password', 'first_name': 'Kostas', |
| 589 | 600 |
'last_name': 'Mitroglou', 'provider': 'local'} |
| 590 | 601 |
r = self.client.post("/im/signup", data, follow=True)
|
| 591 | 602 |
self.assertRedirects(r, reverse('index'))
|
| 592 |
self.assertContains(r, messages.NOTIFICATION_SENT)
|
|
| 603 |
self.assertContains(r, messages.VERIFICATION_SENT)
|
|
| 593 | 604 |
|
| 594 | 605 |
user = AstakosUser.objects.get() |
| 595 |
functions.send_activation(user) |
|
| 596 |
|
|
| 597 | 606 |
# previous user replaced |
| 598 | 607 |
self.assertTrue(user.activation_sent) |
| 599 | 608 |
self.assertFalse(user.email_verified) |
| 600 | 609 |
self.assertFalse(user.is_active) |
| 601 |
self.assertEqual(len(get_mailbox('KPAP@grnet.gr')), 1)
|
|
| 610 |
self.assertEqual(len(get_mailbox('KPAP@synnefo.org')), 1)
|
|
| 602 | 611 |
|
| 603 | 612 |
# hmmm, email exists; lets request a password change |
| 604 | 613 |
r = self.client.get('/im/local/password_reset')
|
| 605 | 614 |
self.assertEqual(r.status_code, 200) |
| 606 |
data = {'email': 'kpap@grnet.gr'}
|
|
| 615 |
data = {'email': 'kpap@synnefo.org'}
|
|
| 607 | 616 |
r = self.client.post('/im/local/password_reset', data, follow=True)
|
| 608 | 617 |
# she can't because account is not active yet |
| 609 | 618 |
self.assertContains(r, 'pending activation') |
| ... | ... | |
| 612 | 621 |
# so user can trigger resend of the activation email |
| 613 | 622 |
r = self.client.get('/im/send/activation/%d' % user.pk, follow=True)
|
| 614 | 623 |
self.assertContains(r, 'has been sent to your email address.') |
| 615 |
self.assertEqual(len(get_mailbox('KPAP@grnet.gr')), 2)
|
|
| 624 |
self.assertEqual(len(get_mailbox('KPAP@synnefo.org')), 2)
|
|
| 616 | 625 |
|
| 617 | 626 |
# also she cannot login |
| 618 |
data = {'username': 'kpap@grnet.gr', 'password': 'password'}
|
|
| 627 |
data = {'username': 'kpap@synnefo.org', 'password': 'password'}
|
|
| 619 | 628 |
r = self.client.post('/im/local', data, follow=True)
|
| 620 | 629 |
self.assertContains(r, 'Resend activation') |
| 621 | 630 |
self.assertFalse(r.context['request'].user.is_authenticated()) |
| ... | ... | |
| 623 | 632 |
|
| 624 | 633 |
# user sees the message and resends activation |
| 625 | 634 |
r = self.client.get('/im/send/activation/%d' % user.pk, follow=True)
|
| 626 |
self.assertEqual(len(get_mailbox('KPAP@grnet.gr')), 3)
|
|
| 635 |
self.assertEqual(len(get_mailbox('KPAP@synnefo.org')), 3)
|
|
| 627 | 636 |
|
| 628 |
# switch back moderation setting |
|
| 629 |
astakos_settings.MODERATION_ENABLED = True |
|
| 637 |
# logged in user cannot activate another account |
|
| 638 |
tmp_user = get_local_user("test_existing_user@synnefo.org")
|
|
| 639 |
tmp_client = Client() |
|
| 640 |
tmp_client.login(username="test_existing_user@synnefo.org", |
|
| 641 |
password="password") |
|
| 642 |
r = tmp_client.get(user.get_activation_url(), follow=True) |
|
| 643 |
self.assertContains(r, messages.LOGGED_IN_WARNING) |
|
| 644 |
|
|
| 645 |
r = self.client.get(user.get_activation_url(), follow=True) |
|
| 646 |
# previous code got invalidated |
|
| 647 |
self.assertEqual(r.status_code, 404) |
|
| 648 |
|
|
| 649 |
user = AstakosUser.objects.get(pk=user.pk) |
|
| 650 |
self.assertEqual(len(get_mailbox(self.helpdesk_email)), 0) |
|
| 630 | 651 |
r = self.client.get(user.get_activation_url(), follow=True) |
| 631 |
self.assertRedirects(r, "/im/landing") |
|
| 652 |
self.assertRedirects(r, reverse('index'))
|
|
| 653 |
# user sees that account is pending approval from admins |
|
| 654 |
self.assertContains(r, messages.NOTIFICATION_SENT) |
|
| 655 |
self.assertEqual(len(get_mailbox(self.helpdesk_email)), 1) |
|
| 656 |
|
|
| 657 |
user = AstakosUser.objects.get(email="KPAP@synnefo.org") |
|
| 658 |
result = backend.handle_moderation(user) |
|
| 659 |
backend.send_result_notifications(result, user) |
|
| 660 |
self.assertEqual(len(get_mailbox('KPAP@synnefo.org')), 4)
|
|
| 661 |
self.assertEqual(len(get_mailbox(self.helpdesk_email)), 2) |
|
| 662 |
|
|
| 663 |
user = AstakosUser.objects.get(email="KPAP@synnefo.org") |
|
| 632 | 664 |
r = self.client.get('/im/profile', follow=True)
|
| 633 |
self.assertTrue(r.context['request'].user.is_authenticated()) |
|
| 634 |
self.assertTrue('_pithos2_a' in self.client.cookies)
|
|
| 635 |
self.assertContains(r, "KPAP@grnet.gr") |
|
| 636 |
self.assertEqual(len(get_mailbox('KPAP@grnet.gr')), 4)
|
|
| 665 |
self.assertFalse(r.context['request'].user.is_authenticated()) |
|
| 666 |
self.assertFalse('_pithos2_a' in self.client.cookies)
|
|
| 667 |
self.assertEqual(len(get_mailbox('KPAP@synnefo.org')), 4)
|
|
| 637 | 668 |
|
| 638 | 669 |
user = AstakosUser.objects.get(pk=user.pk) |
| 670 |
r = self.client.post('/im/local', {'username': 'kpap@synnefo.org',
|
|
| 671 |
'password': 'password'}, |
|
| 672 |
follow=True) |
|
| 639 | 673 |
# user activated and logged in, token cookie set |
| 640 | 674 |
self.assertTrue(r.context['request'].user.is_authenticated()) |
| 641 | 675 |
self.assertTrue('_pithos2_a' in self.client.cookies)
|
| ... | ... | |
| 652 | 686 |
del self.client.cookies['_pithos2_a'] |
| 653 | 687 |
|
| 654 | 688 |
# user can login |
| 655 |
r = self.client.post('/im/local', {'username': 'kpap@grnet.gr',
|
|
| 689 |
r = self.client.post('/im/local', {'username': 'kpap@synnefo.org',
|
|
| 656 | 690 |
'password': 'password'}, |
| 657 | 691 |
follow=True) |
| 658 | 692 |
self.assertTrue(r.context['request'].user.is_authenticated()) |
| ... | ... | |
| 667 | 701 |
r = self.client.get('/im/local/password_reset')
|
| 668 | 702 |
self.assertEqual(r.status_code, 200) |
| 669 | 703 |
r = self.client.post('/im/local/password_reset', {'email':
|
| 670 |
'kpap@grnet.gr'})
|
|
| 704 |
'kpap@synnefo.org'})
|
|
| 671 | 705 |
self.assertEqual(r.status_code, 302) |
| 672 | 706 |
# email sent |
| 673 |
self.assertEqual(len(get_mailbox('KPAP@grnet.gr')), 5)
|
|
| 707 |
self.assertEqual(len(get_mailbox('KPAP@synnefo.org')), 5)
|
|
| 674 | 708 |
|
| 675 | 709 |
# user visits change password link |
| 676 |
# "Refresh" user because created url is based on last_login timestamp |
|
| 677 | 710 |
user = AstakosUser.objects.get(pk=user.pk) |
| 678 | 711 |
r = self.client.get(user.get_password_reset_url()) |
| 679 | 712 |
r = self.client.post(user.get_password_reset_url(), |
| ... | ... | |
| 684 | 717 |
self.assertNotEqual(old_pass, user.password) |
| 685 | 718 |
|
| 686 | 719 |
# old pass is not usable |
| 687 |
r = self.client.post('/im/local', {'username': 'kpap@grnet.gr',
|
|
| 720 |
r = self.client.post('/im/local', {'username': 'kpap@synnefo.org',
|
|
| 688 | 721 |
'password': 'password'}) |
| 689 | 722 |
self.assertContains(r, 'Please enter a correct username and password') |
| 690 |
r = self.client.post('/im/local', {'username': 'kpap@grnet.gr',
|
|
| 723 |
r = self.client.post('/im/local', {'username': 'kpap@synnefo.org',
|
|
| 691 | 724 |
'password': 'newpass'}, |
| 692 | 725 |
follow=True) |
| 693 | 726 |
self.assertTrue(r.context['request'].user.is_authenticated()) |
| ... | ... | |
| 702 | 735 |
r = self.client.get('/im/local/password_reset')
|
| 703 | 736 |
self.assertEqual(r.status_code, 200) |
| 704 | 737 |
r = self.client.post('/im/local/password_reset', {'email':
|
| 705 |
'kpap@grnet.gr'})
|
|
| 738 |
'kpap@synnefo.org'})
|
|
| 706 | 739 |
# she can't because account is not active yet |
| 707 | 740 |
self.assertContains(r, "Changing password is not") |
| 708 | 741 |
|
| ... | ... | |
| 711 | 744 |
|
| 712 | 745 |
def test_email_change(self): |
| 713 | 746 |
# to test existing email validation |
| 714 |
get_local_user('existing@grnet.gr')
|
|
| 747 |
get_local_user('existing@synnefo.org')
|
|
| 715 | 748 |
|
| 716 | 749 |
# local user |
| 717 |
user = get_local_user('kpap@grnet.gr')
|
|
| 750 |
user = get_local_user('kpap@synnefo.org')
|
|
| 718 | 751 |
|
| 719 | 752 |
# login as kpap |
| 720 |
self.client.login(username='kpap@grnet.gr', password='password')
|
|
| 753 |
self.client.login(username='kpap@synnefo.org', password='password')
|
|
| 721 | 754 |
r = self.client.get('/im/profile', follow=True)
|
| 722 | 755 |
user = r.context['request'].user |
| 723 | 756 |
self.assertTrue(user.is_authenticated()) |
| ... | ... | |
| 728 | 761 |
self.assertFalse(user.email_change_is_pending()) |
| 729 | 762 |
|
| 730 | 763 |
# request email change to an existing email fails |
| 731 |
data = {'new_email_address': 'existing@grnet.gr'}
|
|
| 764 |
data = {'new_email_address': 'existing@synnefo.org'}
|
|
| 732 | 765 |
r = self.client.post('/im/email_change', data)
|
| 733 | 766 |
self.assertContains(r, messages.EMAIL_USED) |
| 734 | 767 |
|
| ... | ... | |
| 746 | 779 |
self.assertTrue(user.email_change_is_pending()) |
| 747 | 780 |
|
| 748 | 781 |
# link was sent |
| 749 |
self.assertEqual(len(get_mailbox('kpap@grnet.gr')), 0)
|
|
| 782 |
self.assertEqual(len(get_mailbox('kpap@synnefo.org')), 0)
|
|
| 750 | 783 |
self.assertEqual(len(get_mailbox('kpap@gmail.com')), 1)
|
| 751 | 784 |
|
| 752 | 785 |
# proper email change |
| ... | ... | |
| 754 | 787 |
r = self.client.post('/im/email_change', data, follow=True)
|
| 755 | 788 |
self.assertRedirects(r, '/im/profile') |
| 756 | 789 |
self.assertContains(r, messages.EMAIL_CHANGE_REGISTERED) |
| 757 |
self.assertEqual(len(get_mailbox('kpap@grnet.gr')), 0)
|
|
| 790 |
self.assertEqual(len(get_mailbox('kpap@synnefo.org')), 0)
|
|
| 758 | 791 |
self.assertEqual(len(get_mailbox('kpap@yahoo.com')), 1)
|
| 759 | 792 |
change2 = EmailChange.objects.get() |
| 760 | 793 |
|
| ... | ... | |
| 763 | 796 |
self.client.logout() |
| 764 | 797 |
|
| 765 | 798 |
r = self.client.post('/im/local?next=' + change2.get_url(),
|
| 766 |
{'username': 'kpap@grnet.gr',
|
|
| 799 |
{'username': 'kpap@synnefo.org',
|
|
| 767 | 800 |
'password': 'password', |
| 768 | 801 |
'next': change2.get_url()}, |
| 769 | 802 |
follow=True) |
| ... | ... | |
| 774 | 807 |
|
| 775 | 808 |
self.client.logout() |
| 776 | 809 |
r = self.client.post('/im/local?next=' + change2.get_url(),
|
| 777 |
{'username': 'kpap@grnet.gr',
|
|
| 810 |
{'username': 'kpap@synnefo.org',
|
|
| 778 | 811 |
'password': 'password', |
| 779 | 812 |
'next': change2.get_url()}, |
| 780 | 813 |
follow=True) |
| ... | ... | |
| 793 | 826 |
Pending = PendingThirdPartyUser |
| 794 | 827 |
User = AstakosUser |
| 795 | 828 |
|
| 796 |
User.objects.create(email="newuser@grnet.gr")
|
|
| 797 |
get_local_user("olduser@grnet.gr")
|
|
| 829 |
User.objects.create(email="newuser@synnefo.org")
|
|
| 830 |
get_local_user("olduser@synnefo.org")
|
|
| 798 | 831 |
cl_olduser = ShibbolethClient() |
| 799 |
get_local_user("olduser2@grnet.gr")
|
|
| 832 |
get_local_user("olduser2@synnefo.org")
|
|
| 800 | 833 |
ShibbolethClient() |
| 801 | 834 |
cl_newuser = ShibbolethClient() |
| 802 | 835 |
cl_newuser2 = Client() |
| ... | ... | |
| 812 | 845 |
login=False, |
| 813 | 846 |
add=False) |
| 814 | 847 |
|
| 815 |
|
|
| 816 | 848 |
# new academic user |
| 817 |
self.assertFalse(academic_users.filter(email='newuser@grnet.gr'))
|
|
| 849 |
self.assertFalse(academic_users.filter(email='newuser@synnefo.org'))
|
|
| 818 | 850 |
cl_newuser.set_tokens(eppn="newusereppn") |
| 819 | 851 |
r = cl_newuser.get('/im/login/shibboleth?', follow=True)
|
| 820 | 852 |
pending = Pending.objects.get() |
| ... | ... | |
| 826 | 858 |
'provider': 'shibboleth'} |
| 827 | 859 |
r = cl_newuser.post('/im/signup', signup_data)
|
| 828 | 860 |
self.assertContains(r, "This field is required", ) |
| 829 |
signup_data['email'] = 'olduser@grnet.gr'
|
|
| 861 |
signup_data['email'] = 'olduser@synnefo.org'
|
|
| 830 | 862 |
r = cl_newuser.post('/im/signup', signup_data)
|
| 831 | 863 |
self.assertContains(r, "already an account with this email", ) |
| 832 |
signup_data['email'] = 'newuser@grnet.gr'
|
|
| 864 |
signup_data['email'] = 'newuser@synnefo.org'
|
|
| 833 | 865 |
r = cl_newuser.post('/im/signup', signup_data, follow=True)
|
| 834 | 866 |
r = cl_newuser.post('/im/signup', signup_data, follow=True)
|
| 835 | 867 |
self.assertEqual(r.status_code, 404) |
| 836 |
newuser = User.objects.get(email="newuser@grnet.gr")
|
|
| 868 |
newuser = User.objects.get(email="newuser@synnefo.org")
|
|
| 837 | 869 |
activation_link = newuser.get_activation_url() |
| 838 |
self.assertTrue(academic_users.get(email='newuser@grnet.gr'))
|
|
| 870 |
self.assertTrue(academic_users.get(email='newuser@synnefo.org'))
|
|
| 839 | 871 |
|
| 840 | 872 |
# new non-academic user |
| 841 | 873 |
signup_data = {'first_name': 'Non Academic',
|
| ... | ... | |
| 843 | 875 |
'provider': 'local', |
| 844 | 876 |
'password1': 'password', |
| 845 | 877 |
'password2': 'password'} |
| 846 |
signup_data['email'] = 'olduser@grnet.gr'
|
|
| 878 |
signup_data['email'] = 'olduser@synnefo.org'
|
|
| 847 | 879 |
r = cl_newuser2.post('/im/signup', signup_data)
|
| 848 | 880 |
self.assertContains(r, 'There is already an account with this ' |
| 849 | 881 |
'email address') |
| 850 |
signup_data['email'] = 'newuser@grnet.gr'
|
|
| 882 |
signup_data['email'] = 'newuser@synnefo.org'
|
|
| 851 | 883 |
r = cl_newuser2.post('/im/signup/', signup_data)
|
| 852 |
self.assertFalse(academic_users.filter(email='newuser@grnet.gr'))
|
|
| 884 |
self.assertFalse(academic_users.filter(email='newuser@synnefo.org'))
|
|
| 853 | 885 |
r = self.client.get(activation_link, follow=True) |
| 854 |
self.assertEqual(r.status_code, 400) |
|
| 855 |
newuser = User.objects.get(email="newuser@grnet.gr") |
|
| 856 |
self.assertFalse(newuser.activation_sent) |
|
| 857 |
r = self.client.get(newuser.get_activation_url(), follow=True) |
|
| 858 |
self.assertContains(r, "pending moderation") |
|
| 886 |
self.assertEqual(r.status_code, 404) |
|
| 887 |
newuser = User.objects.get(email="newuser@synnefo.org") |
|
| 888 |
self.assertTrue(newuser.activation_sent) |
|
| 859 | 889 |
|
| 860 |
self.assertFalse(academic_users.filter(email='newuser@grnet.gr')) |
|
| 890 |
# activation sent, user didn't open verification url so additional |
|
| 891 |
# registrations invalidate the previous signups. |
|
| 892 |
self.assertFalse(academic_users.filter(email='newuser@synnefo.org')) |
|
| 861 | 893 |
r = cl_newuser.get('/im/login/shibboleth?', follow=True)
|
| 862 | 894 |
pending = Pending.objects.get() |
| 863 | 895 |
identifier = pending.third_party_identifier |
| ... | ... | |
| 866 | 898 |
'third_party_token': pending.token, |
| 867 | 899 |
'last_name': 'New User', |
| 868 | 900 |
'provider': 'shibboleth'} |
| 869 |
signup_data['email'] = 'newuser@grnet.gr'
|
|
| 901 |
signup_data['email'] = 'newuser@synnefo.org'
|
|
| 870 | 902 |
r = cl_newuser.post('/im/signup', signup_data)
|
| 871 |
newuser = User.objects.get(email="newuser@grnet.gr") |
|
| 903 |
self.assertEqual(r.status_code, 302) |
|
| 904 |
newuser = User.objects.get(email="newuser@synnefo.org") |
|
| 872 | 905 |
self.assertTrue(newuser.activation_sent) |
| 873 | 906 |
activation_link = newuser.get_activation_url() |
| 874 |
self.assertTrue(academic_users.get(email='newuser@grnet.gr'))
|
|
| 907 |
self.assertTrue(academic_users.get(email='newuser@synnefo.org'))
|
|
| 875 | 908 |
r = cl_newuser.get(newuser.get_activation_url(), follow=True) |
| 876 | 909 |
self.assertRedirects(r, '/im/landing') |
| 877 |
newuser = User.objects.get(email="newuser@grnet.gr")
|
|
| 910 |
newuser = User.objects.get(email="newuser@synnefo.org")
|
|
| 878 | 911 |
self.assertEqual(newuser.is_active, True) |
| 879 | 912 |
self.assertEqual(newuser.email_verified, True) |
| 880 | 913 |
cl_newuser.logout() |
| ... | ... | |
| 883 | 916 |
newuser.is_active = False |
| 884 | 917 |
newuser.save() |
| 885 | 918 |
r = cl_newuser.get(newuser.get_activation_url()) |
| 886 |
newuser = User.objects.get(email="newuser@grnet.gr")
|
|
| 919 |
newuser = User.objects.get(email="newuser@synnefo.org")
|
|
| 887 | 920 |
self.assertFalse(newuser.is_active) |
| 888 | 921 |
|
| 889 | 922 |
# release suspension |
| ... | ... | |
| 898 | 931 |
self.assertRedirects(r, '/im/profile') |
| 899 | 932 |
self.assertContains(r, 'disabled for your') |
| 900 | 933 |
|
| 901 |
cl_olduser.login(username='olduser@grnet.gr', password="password")
|
|
| 934 |
cl_olduser.login(username='olduser@synnefo.org', password="password")
|
|
| 902 | 935 |
r = cl_olduser.get('/im/profile', follow=True)
|
| 903 | 936 |
self.assertEqual(r.status_code, 200) |
| 904 | 937 |
r = cl_olduser.get('/im/login/shibboleth?', follow=True)
|
| ... | ... | |
| 910 | 943 |
r = cl_olduser.get('/im/login/shibboleth?', follow=True)
|
| 911 | 944 |
self.assertContains(r, 'Academic login enabled for this account') |
| 912 | 945 |
|
| 913 |
user = User.objects.get(email="olduser@grnet.gr")
|
|
| 946 |
user = User.objects.get(email="olduser@synnefo.org")
|
|
| 914 | 947 |
shib_provider = user.get_auth_provider('shibboleth', 'oldusereppn')
|
| 915 | 948 |
local_provider = user.get_auth_provider('local')
|
| 916 | 949 |
self.assertEqual(shib_provider.get_remove_policy, True) |
| 917 | 950 |
self.assertEqual(local_provider.get_remove_policy, True) |
| 918 | 951 |
|
| 919 |
|
|
| 920 | 952 |
policy_only_academic = Profile.objects.add_policy('academic_strict2',
|
| 921 | 953 |
'shibboleth', |
| 922 | 954 |
academic_group, |
| ... | ... | |
| 929 | 961 |
self.assertEqual(local_provider.get_login_policy, False) |
| 930 | 962 |
|
| 931 | 963 |
cl_olduser.logout() |
| 932 |
login_data = {'username': 'olduser@grnet.gr', 'password': 'password'}
|
|
| 964 |
login_data = {'username': 'olduser@synnefo.org', 'password': 'password'}
|
|
| 933 | 965 |
r = cl_olduser.post('/im/local', login_data, follow=True)
|
| 934 | 966 |
self.assertContains(r, "href='/im/login/shibboleth'>Academic login") |
| 935 | 967 |
|
| ... | ... | |
| 941 | 973 |
|
| 942 | 974 |
@im_settings(IM_MODULES=['local', 'shibboleth']) |
| 943 | 975 |
def test_create(self): |
| 944 |
user = AstakosUser.objects.create(email="kpap@grnet.gr")
|
|
| 945 |
user2 = AstakosUser.objects.create(email="kpap2@grnet.gr")
|
|
| 976 |
user = AstakosUser.objects.create(email="kpap@synnefo.org")
|
|
| 977 |
user2 = AstakosUser.objects.create(email="kpap2@synnefo.org")
|
|
| 946 | 978 |
|
| 947 | 979 |
module = 'shibboleth' |
| 948 | 980 |
identifier = 'SHIB_UUID' |
| ... | ... | |
| 995 | 1027 |
CREATION_GROUPS_POLICY=['localgroup-create', |
| 996 | 1028 |
'group-create']) |
| 997 | 1029 |
def test_add_groups(self): |
| 998 |
user = AstakosUser.objects.create(email="kpap@grnet.gr")
|
|
| 1030 |
user = AstakosUser.objects.create(email="kpap@synnefo.org")
|
|
| 999 | 1031 |
provider = auth.get_provider('shibboleth', user, 'test123')
|
| 1000 | 1032 |
provider.add_to_user() |
| 1001 | 1033 |
user = AstakosUser.objects.get() |
| 1002 | 1034 |
self.assertEqual(sorted(user.groups.values_list('name', flat=True)),
|
| 1003 |
sorted([u'group1', u'group2', u'group-create'])) |
|
| 1035 |
sorted([u'group1', u'group2', u'group-create']))
|
|
| 1004 | 1036 |
|
| 1005 | 1037 |
local = auth.get_provider('local', user)
|
| 1006 | 1038 |
local.add_to_user() |
| ... | ... | |
| 1010 | 1042 |
user = AstakosUser.objects.get() |
| 1011 | 1043 |
self.assertEqual(len(user.get_auth_providers()), 1) |
| 1012 | 1044 |
self.assertEqual(sorted(user.groups.values_list('name', flat=True)),
|
| 1013 |
sorted([u'group-create', u'localgroup'])) |
|
| 1045 |
sorted([u'group-create', u'localgroup']))
|
|
| 1014 | 1046 |
|
| 1015 | 1047 |
local = user.get_auth_provider('local')
|
| 1016 | 1048 |
self.assertRaises(Exception, local.remove_from_user) |
| ... | ... | |
| 1018 | 1050 |
provider.add_to_user() |
| 1019 | 1051 |
user = AstakosUser.objects.get() |
| 1020 | 1052 |
self.assertEqual(sorted(user.groups.values_list('name', flat=True)),
|
| 1021 |
sorted([u'group-create', u'group1', u'group2', |
|
| 1022 |
u'localgroup'])) |
|
| 1053 |
sorted([u'group-create', u'group1', u'group2', |
|
| 1054 |
u'localgroup'])) |
|
| 1055 |
|
|
| 1056 |
|
|
| 1023 | 1057 |
|
| 1024 | 1058 |
@im_settings(IM_MODULES=['local', 'shibboleth']) |
| 1025 | 1059 |
def test_policies(self): |
| ... | ... | |
| 1031 | 1065 |
settings.ASTAKOS_AUTH_PROVIDER_GOOGLE_ADD_GROUPS_POLICY = \ |
| 1032 | 1066 |
['google-user'] |
| 1033 | 1067 |
|
| 1034 |
user = AstakosUser.objects.create(email="kpap@grnet.gr")
|
|
| 1068 |
user = AstakosUser.objects.create(email="kpap@synnefo.org")
|
|
| 1035 | 1069 |
user.groups.add(group_old) |
| 1036 | 1070 |
user.add_auth_provider('local')
|
| 1037 | 1071 |
|
| 1038 |
user2 = AstakosUser.objects.create(email="kpap2@grnet.gr")
|
|
| 1072 |
user2 = AstakosUser.objects.create(email="kpap2@synnefo.org")
|
|
| 1039 | 1073 |
user2.add_auth_provider('shibboleth', identifier='shibid')
|
| 1040 | 1074 |
|
| 1041 |
user3 = AstakosUser.objects.create(email="kpap3@grnet.gr")
|
|
| 1075 |
user3 = AstakosUser.objects.create(email="kpap3@synnefo.org")
|
|
| 1042 | 1076 |
user3.groups.add(group_old) |
| 1043 | 1077 |
user3.add_auth_provider('local')
|
| 1044 | 1078 |
user3.add_auth_provider('shibboleth', identifier='1234')
|
| ... | ... | |
| 1129 | 1163 |
@im_settings(IM_MODULES=['local', 'shibboleth']) |
| 1130 | 1164 |
@shibboleth_settings(LIMIT_POLICY=2) |
| 1131 | 1165 |
def test_policies(self): |
| 1132 |
user = get_local_user('kpap@grnet.gr')
|
|
| 1166 |
user = get_local_user('kpap@synnefo.org')
|
|
| 1133 | 1167 |
user.add_auth_provider('shibboleth', identifier='1234')
|
| 1134 | 1168 |
user.add_auth_provider('shibboleth', identifier='12345')
|
| 1135 | 1169 |
|
| ... | ... | |
| 1151 | 1185 |
@im_settings(IM_MODULES=['local', 'shibboleth']) |
| 1152 | 1186 |
@shibboleth_settings(LIMIT_POLICY=2) |
| 1153 | 1187 |
def test_messages(self): |
| 1154 |
user = get_local_user('kpap@grnet.gr')
|
|
| 1188 |
user = get_local_user('kpap@synnefo.org')
|
|
| 1155 | 1189 |
user.add_auth_provider('shibboleth', identifier='1234')
|
| 1156 | 1190 |
user.add_auth_provider('shibboleth', identifier='12345')
|
| 1157 | 1191 |
provider = auth_providers.get_provider('shibboleth')
|
| ... | ... | |
| 1184 | 1218 |
@im_settings(IM_MODULES=['local', 'shibboleth']) |
| 1185 | 1219 |
@shibboleth_settings(LIMIT_POLICY=2) |
| 1186 | 1220 |
def test_templates(self): |
| 1187 |
user = get_local_user('kpap@grnet.gr')
|
|
| 1221 |
user = get_local_user('kpap@synnefo.org')
|
|
| 1188 | 1222 |
user.add_auth_provider('shibboleth', identifier='1234')
|
| 1189 | 1223 |
user.add_auth_provider('shibboleth', identifier='12345')
|
| 1190 | 1224 |
|
| ... | ... | |
| 1196 | 1230 |
'im/auth/generic_login.html') |
| 1197 | 1231 |
|
| 1198 | 1232 |
|
| 1233 |
class TestActivationBackend(TestCase): |
|
| 1234 |
|
|
| 1235 |
def setUp(self): |
|
| 1236 |
# dummy call to pass through logging middleware |
|
| 1237 |
self.client.get('/im/')
|
|
| 1238 |
|
|
| 1239 |
@im_settings(RE_USER_EMAIL_PATTERNS=['.*@synnefo.org']) |
|
| 1240 |
@shibboleth_settings(AUTOMODERATE_POLICY=True) |
|
| 1241 |
def test_policies(self): |
|
| 1242 |
backend = activation_backends.get_backend() |
|
| 1243 |
|
|
| 1244 |
# email matches RE_USER_EMAIL_PATTERNS |
|
| 1245 |
user1 = get_local_user('kpap@synnefo.org', moderated=False,
|
|
| 1246 |
is_active=False, email_verified=False) |
|
| 1247 |
backend.handle_verification(user1, user1.verification_code) |
|
| 1248 |
self.assertEqual(user1.accepted_policy, 'email') |
|
| 1249 |
|
|
| 1250 |
# manually moderated |
|
| 1251 |
user2 = get_local_user('kpap@synnefo-bad.org', moderated=False,
|
|
| 1252 |
is_active=False, email_verified=False) |
|
| 1253 |
|
|
| 1254 |
backend.handle_verification(user2, user2.verification_code) |
|
| 1255 |
self.assertEqual(user2.moderated, False) |
|
| 1256 |
backend.handle_moderation(user2) |
|
| 1257 |
self.assertEqual(user2.moderated, True) |
|
| 1258 |
self.assertEqual(user2.accepted_policy, 'manual') |
|
| 1259 |
|
|
| 1260 |
# autoaccept due to provider automoderate policy |
|
| 1261 |
user3 = get_local_user('kpap2@synnefo-bad.org', moderated=False,
|
|
| 1262 |
is_active=False, email_verified=False) |
|
| 1263 |
user3.auth_providers.all().delete() |
|
| 1264 |
user3.add_auth_provider('shibboleth', identifier='shib123')
|
|
| 1265 |
backend.handle_verification(user3, user3.verification_code) |
|
| 1266 |
self.assertEqual(user3.moderated, True) |
|
| 1267 |
self.assertEqual(user3.accepted_policy, 'auth_provider_shibboleth') |
|
| 1268 |
|
|
| 1269 |
@im_settings(MODERATION_ENABLED=False, |
|
| 1270 |
MANAGERS=(('Manager',
|
|
| 1271 |
'manager@synnefo.org'),), |
|
| 1272 |
HELPDESK=(('Helpdesk',
|
|
| 1273 |
'helpdesk@synnefo.org'),), |
|
| 1274 |
ADMINS=(('Admin', 'admin@synnefo.org'), ))
|
|
| 1275 |
def test_without_moderation(self): |
|
| 1276 |
backend = activation_backends.get_backend() |
|
| 1277 |
form = backend.get_signup_form('local')
|
|
| 1278 |
self.assertTrue(isinstance(form, forms.LocalUserCreationForm)) |
|
| 1279 |
|
|
| 1280 |
user_data = {
|
|
| 1281 |
'email': 'kpap@synnefo.org', |
|
| 1282 |
'first_name': 'Kostas Papas', |
|
| 1283 |
'password1': '123', |
|
| 1284 |
'password2': '123' |
|
| 1285 |
} |
|
| 1286 |
form = backend.get_signup_form('local', user_data)
|
|
| 1287 |
user = form.save(commit=False) |
|
| 1288 |
form.store_user(user) |
|
| 1289 |
self.assertEqual(user.is_active, False) |
|
| 1290 |
self.assertEqual(user.email_verified, False) |
|
| 1291 |
|
|
| 1292 |
# step one, registration |
|
| 1293 |
result = backend.handle_registration(user) |
|
| 1294 |
user = AstakosUser.objects.get() |
|
| 1295 |
self.assertEqual(user.is_active, False) |
|
| 1296 |
self.assertEqual(user.email_verified, False) |
|
| 1297 |
self.assertTrue(user.verification_code) |
|
| 1298 |
self.assertEqual(result.status, backend.Result.PENDING_VERIFICATION) |
|
| 1299 |
backend.send_result_notifications(result, user) |
|
| 1300 |
self.assertEqual(len(get_mailbox('kpap@synnefo.org')), 1)
|
|
| 1301 |
self.assertEqual(len(mail.outbox), 1) |
|
| 1302 |
|
|
| 1303 |
# step two, verify email (automatically |
|
| 1304 |
# moderates/accepts user, since moderation is disabled) |
|
| 1305 |
user = AstakosUser.objects.get() |
|
| 1306 |
valid_code = user.verification_code |
|
| 1307 |
|
|
| 1308 |
# test invalid code |
|
| 1309 |
result = backend.handle_verification(user, valid_code) |
|
| 1310 |
backend.send_result_notifications(result, user) |
|
| 1311 |
self.assertEqual(len(get_mailbox('manager@synnefo.org')), 1)
|
|
| 1312 |
self.assertEqual(len(get_mailbox('helpdesk@synnefo.org')), 1)
|
|
| 1313 |
self.assertEqual(len(get_mailbox('admin@synnefo.org')), 1)
|
|
| 1314 |
# verification + activated + greeting = 3 |
|
| 1315 |
self.assertEqual(len(mail.outbox), 3) |
|
| 1316 |
user = AstakosUser.objects.get() |
|
| 1317 |
self.assertEqual(user.is_active, True) |
|
| 1318 |
self.assertEqual(user.moderated, True) |
|
| 1319 |
self.assertTrue(user.moderated_at) |
|
| 1320 |
self.assertEqual(user.email_verified, True) |
|
| 1321 |
self.assertTrue(user.activation_sent) |
|
| 1322 |
|
|
| 1323 |
@im_settings(MODERATION_ENABLED=True, |
|
| 1324 |
MANAGERS=(('Manager',
|
|
| 1325 |
'manager@synnefo.org'),), |
|
| 1326 |
HELPDESK=(('Helpdesk',
|
|
| 1327 |
'helpdesk@synnefo.org'),), |
|
| 1328 |
ADMINS=(('Admin', 'admin@synnefo.org'), ))
|
|
| 1329 |
def test_with_moderation(self): |
|
| 1330 |
|
|
| 1331 |
backend = activation_backends.get_backend() |
|
| 1332 |
form = backend.get_signup_form('local')
|
|
| 1333 |
self.assertTrue(isinstance(form, forms.LocalUserCreationForm)) |
|
| 1334 |
|
|
| 1335 |
user_data = {
|
|
| 1336 |
'email': 'kpap@synnefo.org', |
|
| 1337 |
'first_name': 'Kostas Papas', |
|
| 1338 |
'password1': '123', |
|
| 1339 |
'password2': '123' |
|
| 1340 |
} |
|
| 1341 |
form = backend.get_signup_form(provider='local', |
|
| 1342 |
initial_data=user_data) |
|
| 1343 |
user = form.save(commit=False) |
|
| 1344 |
form.store_user(user) |
|
| 1345 |
self.assertEqual(user.is_active, False) |
|
| 1346 |
self.assertEqual(user.email_verified, False) |
|
| 1347 |
|
|
| 1348 |
# step one, registration |
|
| 1349 |
result = backend.handle_registration(user) |
|
| 1350 |
user = AstakosUser.objects.get() |
|
| 1351 |
self.assertEqual(user.is_active, False) |
|
| 1352 |
self.assertEqual(user.email_verified, False) |
|
| 1353 |
self.assertTrue(user.verification_code) |
|
| 1354 |
self.assertEqual(result.status, backend.Result.PENDING_VERIFICATION) |
|
| 1355 |
backend.send_result_notifications(result, user) |
|
| 1356 |
self.assertEqual(len(get_mailbox('kpap@synnefo.org')), 1)
|
|
| 1357 |
self.assertEqual(len(mail.outbox), 1) |
|
| 1358 |
|
|
| 1359 |
# step two, verifying email |
|
| 1360 |
user = AstakosUser.objects.get() |
|
| 1361 |
valid_code = user.verification_code |
|
| 1362 |
invalid_code = user.verification_code + 'invalid' |
|
| 1363 |
|
|
| 1364 |
# test invalid code |
|
| 1365 |
result = backend.handle_verification(user, invalid_code) |
|
| 1366 |
self.assertEqual(result.status, backend.Result.ERROR) |
|
| 1367 |
backend.send_result_notifications(result, user) |
|
| 1368 |
user = AstakosUser.objects.get() |
|
| 1369 |
self.assertEqual(user.is_active, False) |
|
| 1370 |
self.assertEqual(user.moderated, False) |
|
| 1371 |
self.assertEqual(user.moderated_at, None) |
|
| 1372 |
self.assertEqual(user.email_verified, False) |
|
| 1373 |
self.assertTrue(user.activation_sent) |
|
| 1374 |
|
|
| 1375 |
# test valid code |
|
| 1376 |
user = AstakosUser.objects.get() |
|
| 1377 |
result = backend.handle_verification(user, valid_code) |
|
| 1378 |
backend.send_result_notifications(result, user) |
|
| 1379 |
self.assertEqual(len(get_mailbox('manager@synnefo.org')), 1)
|
|
| 1380 |
self.assertEqual(len(get_mailbox('helpdesk@synnefo.org')), 1)
|
|
| 1381 |
self.assertEqual(len(get_mailbox('admin@synnefo.org')), 1)
|
|
| 1382 |
self.assertEqual(len(mail.outbox), 2) |
|
| 1383 |
user = AstakosUser.objects.get() |
|
| 1384 |
self.assertEqual(user.moderated, False) |
|
| 1385 |
self.assertEqual(user.moderated_at, None) |
|
| 1386 |
self.assertEqual(user.email_verified, True) |
|
| 1387 |
self.assertTrue(user.activation_sent) |
|
| 1388 |
|
|
| 1389 |
# test code reuse |
|
| 1390 |
result = backend.handle_verification(user, valid_code) |
|
| 1391 |
self.assertEqual(result.status, backend.Result.ERROR) |
|
| 1392 |
user = AstakosUser.objects.get() |
|
| 1393 |
self.assertEqual(user.is_active, False) |
|
| 1394 |
self.assertEqual(user.moderated, False) |
|
| 1395 |
self.assertEqual(user.moderated_at, None) |
|
| 1396 |
self.assertEqual(user.email_verified, True) |
|
| 1397 |
self.assertTrue(user.activation_sent) |
|
| 1398 |
|
|
| 1399 |
# valid code on verified user |
|
| 1400 |
user = AstakosUser.objects.get() |
|
| 1401 |
valid_code = user.verification_code |
|
| 1402 |
result = backend.handle_verification(user, valid_code) |
|
| 1403 |
self.assertEqual(result.status, backend.Result.ERROR) |
|
| 1404 |
|
|
| 1405 |
# step three, moderation user |
|
| 1406 |
user = AstakosUser.objects.get() |
|
| 1407 |
result = backend.handle_moderation(user) |
|
| 1408 |
backend.send_result_notifications(result, user) |
|
| 1409 |
|
|
| 1410 |
user = AstakosUser.objects.get() |
|
| 1411 |
self.assertEqual(user.is_active, True) |
|
| 1412 |
self.assertEqual(user.moderated, True) |
|
| 1413 |
self.assertTrue(user.moderated_at) |
|
| 1414 |
self.assertEqual(user.email_verified, True) |
|
| 1415 |
self.assertTrue(user.activation_sent) |
|
| 1416 |
|
|
| 1417 |
|
|
| 1199 | 1418 |
class TestProjects(TestCase): |
| 1200 | 1419 |
""" |
| 1201 | 1420 |
Test projects. |
Also available in: Unified diff