Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Binh
erp5
Commits
2c064266
Commit
2c064266
authored
Aug 26, 2019
by
Rafael Monnerat
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
erp5_certificate_authority: Implement backward-compatibility with ERP5 Login
Also extend tests to cover recently changes
parent
343f922c
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
140 additions
and
10 deletions
+140
-10
bt5/erp5_certificate_authority/DocumentTemplateItem/portal_components/document.erp5.Person.py
...entTemplateItem/portal_components/document.erp5.Person.py
+10
-1
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityTool.py
...rtal_components/test.erp5.testCertificateAuthorityTool.py
+102
-2
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityTool.xml
...tal_components/test.erp5.testCertificateAuthorityTool.xml
+28
-7
No files found.
bt5/erp5_certificate_authority/DocumentTemplateItem/portal_components/document.erp5.Person.py
View file @
2c064266
...
@@ -7,7 +7,16 @@ class Person(ERP5Person):
...
@@ -7,7 +7,16 @@ class Person(ERP5Person):
security
.
declarePublic
(
'getCertificate'
)
security
.
declarePublic
(
'getCertificate'
)
def
_getCertificateLoginDocument
(
self
):
def
_getCertificateLoginDocument
(
self
):
for
_certificate_login
in
self
.
objectValues
(
portal_type
=
"Certificate Login"
):
for
_erp5_login
in
self
.
objectValues
(
portal_type
=
[
"ERP5 Login"
]):
if
_erp5_login
.
getValidationState
()
==
"validated"
and
\
_erp5_login
.
getReference
()
==
self
.
getUserId
():
# The user already created a Login document as UserId, so
# So just use this one.
return
_erp5_login
for
_certificate_login
in
self
.
objectValues
(
portal_type
=
[
"Certificate Login"
]):
if
_certificate_login
.
getValidationState
()
==
"validated"
:
if
_certificate_login
.
getValidationState
()
==
"validated"
:
return
_certificate_login
return
_certificate_login
...
...
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityTool.py
View file @
2c064266
...
@@ -31,6 +31,7 @@ import os
...
@@ -31,6 +31,7 @@ import os
import
random
import
random
import
unittest
import
unittest
from
Products.ERP5Type.tests.ERP5TypeTestCase
import
ERP5TypeTestCase
from
Products.ERP5Type.tests.ERP5TypeTestCase
import
ERP5TypeTestCase
from
Products.DCWorkflow.DCWorkflow
import
ValidationFailed
from
AccessControl
import
Unauthorized
from
AccessControl
import
Unauthorized
class
TestCertificateAuthority
(
ERP5TypeTestCase
):
class
TestCertificateAuthority
(
ERP5TypeTestCase
):
...
@@ -39,6 +40,7 @@ class TestCertificateAuthority(ERP5TypeTestCase):
...
@@ -39,6 +40,7 @@ class TestCertificateAuthority(ERP5TypeTestCase):
return
"Test Certificate Authority"
return
"Test Certificate Authority"
def
afterSetUp
(
self
):
def
afterSetUp
(
self
):
if
"TEST_CA_PATH"
in
os
.
environ
:
self
.
portal
.
portal_certificate_authority
.
certificate_authority_path
=
\
self
.
portal
.
portal_certificate_authority
.
certificate_authority_path
=
\
os
.
environ
[
'TEST_CA_PATH'
]
os
.
environ
[
'TEST_CA_PATH'
]
...
@@ -59,6 +61,30 @@ class TestCertificateAuthority(ERP5TypeTestCase):
...
@@ -59,6 +61,30 @@ class TestCertificateAuthority(ERP5TypeTestCase):
self
.
loginByUserName
(
login
)
self
.
loginByUserName
(
login
)
person
=
self
.
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
person
=
self
.
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
certificate
=
person
.
getCertificate
()
certificate
=
person
.
getCertificate
()
certificate_login_list
=
person
.
objectValues
(
portal_type
=
"Certificate Login"
)
self
.
assertEquals
(
len
(
certificate_login_list
),
1
)
certificate_login
=
certificate_login_list
[
0
]
self
.
assertEquals
(
certificate_login
.
getReference
(),
user_id
)
self
.
assertEquals
(
certificate_login
.
getValidationState
(),
"validated"
)
self
.
assertTrue
(
'CN=%s'
%
user_id
in
certificate
[
'certificate'
])
def
test_person_duplicated_login
(
self
):
user_id
,
login
=
self
.
_createPerson
()
self
.
loginByUserName
(
login
)
person
=
self
.
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
person
.
newContent
(
portal_type
=
'ERP5 Login'
,
reference
=
user_id
).
validate
()
self
.
tic
()
certificate
=
person
.
getCertificate
()
certificate_login_list
=
person
.
objectValues
(
portal_type
=
"Certificate Login"
)
# If a erp5_login is already using the User ID, just reuse it for now
self
.
assertEquals
(
len
(
certificate_login_list
),
0
)
self
.
assertTrue
(
'CN=%s'
%
user_id
in
certificate
[
'certificate'
])
self
.
assertTrue
(
'CN=%s'
%
user_id
in
certificate
[
'certificate'
])
def
test_person_revoke_certificate
(
self
):
def
test_person_revoke_certificate
(
self
):
...
@@ -72,6 +98,14 @@ class TestCertificateAuthority(ERP5TypeTestCase):
...
@@ -72,6 +98,14 @@ class TestCertificateAuthority(ERP5TypeTestCase):
self
.
loginByUserName
(
login
)
self
.
loginByUserName
(
login
)
person
=
self
.
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
person
=
self
.
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
certificate
=
person
.
getCertificate
()
certificate
=
person
.
getCertificate
()
certificate_login_list
=
person
.
objectValues
(
portal_type
=
"Certificate Login"
)
self
.
assertEquals
(
len
(
certificate_login_list
),
1
)
certificate_login
=
certificate_login_list
[
0
]
self
.
assertEquals
(
certificate_login
.
getReference
(),
user_id
)
self
.
assertEquals
(
certificate_login
.
getValidationState
(),
"validated"
)
self
.
assertTrue
(
'CN=%s'
%
user_id
in
certificate
[
'certificate'
])
self
.
assertTrue
(
'CN=%s'
%
user_id
in
certificate
[
'certificate'
])
person
.
revokeCertificate
()
person
.
revokeCertificate
()
...
@@ -80,9 +114,56 @@ class TestCertificateAuthority(ERP5TypeTestCase):
...
@@ -80,9 +114,56 @@ class TestCertificateAuthority(ERP5TypeTestCase):
self
.
loginByUserName
(
login
)
self
.
loginByUserName
(
login
)
person
=
self
.
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
person
=
self
.
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
certificate
=
person
.
getCertificate
()
certificate
=
person
.
getCertificate
()
certificate_login_list
=
person
.
objectValues
(
portal_type
=
"Certificate Login"
)
self
.
assertEquals
(
len
(
certificate_login_list
),
1
)
certificate_login
=
certificate_login_list
[
0
]
self
.
assertEquals
(
certificate_login
.
getReference
(),
user_id
)
self
.
assertTrue
(
'CN=%s'
%
user_id
in
certificate
[
'certificate'
])
self
.
assertTrue
(
'CN=%s'
%
user_id
in
certificate
[
'certificate'
])
self
.
assertEquals
(
certificate_login
.
getValidationState
(),
"validated"
)
self
.
assertRaises
(
ValueError
,
person
.
getCertificate
)
self
.
assertRaises
(
ValueError
,
person
.
getCertificate
)
# Ensure it don't create a second object
certificate_login_list
=
person
.
objectValues
(
portal_type
=
"Certificate Login"
)
self
.
assertEquals
(
len
(
certificate_login_list
),
1
)
certificate_login
=
certificate_login_list
[
0
]
self
.
assertEquals
(
certificate_login
.
getReference
(),
user_id
)
self
.
assertEquals
(
certificate_login
.
getValidationState
(),
"validated"
)
def
test_person_request_revoke_request_certificate
(
self
):
user_id
,
login
=
self
.
_createPerson
()
self
.
loginByUserName
(
login
)
person
=
self
.
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
certificate
=
person
.
getCertificate
()
certificate_login_list
=
person
.
objectValues
(
portal_type
=
"Certificate Login"
)
self
.
assertEquals
(
len
(
certificate_login_list
),
1
)
certificate_login
=
certificate_login_list
[
0
]
self
.
assertEquals
(
certificate_login
.
getReference
(),
user_id
)
self
.
assertTrue
(
'CN=%s'
%
user_id
in
certificate
[
'certificate'
])
self
.
assertEquals
(
certificate_login
.
getValidationState
(),
"validated"
)
person
.
revokeCertificate
()
certificate
=
person
.
getCertificate
()
# Ensure it don't create a second object
certificate_login_list
=
person
.
objectValues
(
portal_type
=
"Certificate Login"
)
self
.
assertEquals
(
len
(
certificate_login_list
),
1
)
certificate_login
=
certificate_login_list
[
0
]
self
.
assertEquals
(
certificate_login
.
getReference
(),
user_id
)
self
.
assertEquals
(
certificate_login
.
getValidationState
(),
"validated"
)
def
test_person_request_certificate_for_another
(
self
):
def
test_person_request_certificate_for_another
(
self
):
user_id
,
login
=
self
.
_createPerson
()
user_id
,
login
=
self
.
_createPerson
()
user_id2
,
login2
=
self
.
_createPerson
()
user_id2
,
login2
=
self
.
_createPerson
()
...
@@ -91,6 +172,25 @@ class TestCertificateAuthority(ERP5TypeTestCase):
...
@@ -91,6 +172,25 @@ class TestCertificateAuthority(ERP5TypeTestCase):
self
.
loginByUserName
(
login2
)
self
.
loginByUserName
(
login2
)
self
.
assertRaises
(
Unauthorized
,
person
.
getCertificate
)
self
.
assertRaises
(
Unauthorized
,
person
.
getCertificate
)
def
test_person_duplicated_login_from_another_user
(
self
):
user_id
,
login
=
self
.
_createPerson
()
person
=
self
.
portal
.
person_module
.
newContent
(
portal_type
=
'Person'
,
reference
=
str
(
random
.
random
()),
password
=
login
)
person
.
newContent
(
portal_type
=
'Assignment'
).
open
()
# Try to create a login with other person user_id to cheat the system
person
.
newContent
(
portal_type
=
'ERP5 Login'
,
reference
=
user_id
).
validate
()
self
.
tic
()
self
.
loginByUserName
(
login
)
person
=
self
.
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
self
.
assertRaises
(
ValidationFailed
,
person
.
getCertificate
)
certificate_login_list
=
[
i
for
i
in
person
.
objectValues
(
portal_type
=
"Certificate Login"
)
if
i
.
getValidationState
()
==
"validated"
]
self
.
assertEquals
(
len
(
certificate_login_list
),
0
)
def
test_person_revoke_certificate_for_another
(
self
):
def
test_person_revoke_certificate_for_another
(
self
):
user_id
,
login
=
self
.
_createPerson
()
user_id
,
login
=
self
.
_createPerson
()
user_id2
,
login2
=
self
.
_createPerson
()
user_id2
,
login2
=
self
.
_createPerson
()
...
...
bt5/erp5_certificate_authority/TestTemplateItem/portal_components/test.erp5.testCertificateAuthorityTool.xml
View file @
2c064266
...
@@ -6,6 +6,12 @@
...
@@ -6,6 +6,12 @@
</pickle>
</pickle>
<pickle>
<pickle>
<dictionary>
<dictionary>
<item>
<key>
<string>
_recorded_property_dict
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAI=
</string>
</persistent>
</value>
</item>
<item>
<item>
<key>
<string>
default_reference
</string>
</key>
<key>
<string>
default_reference
</string>
</key>
<value>
<string>
testCertificateAuthorityTool
</string>
</value>
<value>
<string>
testCertificateAuthorityTool
</string>
</value>
...
@@ -40,10 +46,10 @@
...
@@ -40,10 +46,10 @@
<key>
<string>
text_content_warning_message
</string>
</key>
<key>
<string>
text_content_warning_message
</string>
</key>
<value>
<value>
<tuple>
<tuple>
<string>
W:
65
, 4: Unused variable \'user_id\' (unused-variable)
</string>
<string>
W:
91
, 4: Unused variable \'user_id\' (unused-variable)
</string>
<string>
W:
88
, 4: Unused variable \'user_id2\' (unused-variable)
</string>
<string>
W:
169
, 4: Unused variable \'user_id2\' (unused-variable)
</string>
<string>
W:
87
, 4: Unused variable \'user_id\' (unused-variable)
</string>
<string>
W:
168
, 4: Unused variable \'user_id\' (unused-variable)
</string>
<string>
W:
96, 4: Unused variable \'user_id2\' (unused-variable)
</string>
<string>
W:
1
96, 4: Unused variable \'user_id2\' (unused-variable)
</string>
</tuple>
</tuple>
</value>
</value>
</item>
</item>
...
@@ -54,13 +60,28 @@
...
@@ -54,13 +60,28 @@
<item>
<item>
<key>
<string>
workflow_history
</string>
</key>
<key>
<string>
workflow_history
</string>
</key>
<value>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAA
I
=
</string>
</persistent>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAA
M
=
</string>
</persistent>
</value>
</value>
</item>
</item>
</dictionary>
</dictionary>
</pickle>
</pickle>
</record>
</record>
<record
id=
"2"
aka=
"AAAAAAAAAAI="
>
<record
id=
"2"
aka=
"AAAAAAAAAAI="
>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
data
</string>
</key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
</pickle>
...
@@ -73,7 +94,7 @@
...
@@ -73,7 +94,7 @@
<item>
<item>
<key>
<string>
component_validation_workflow
</string>
</key>
<key>
<string>
component_validation_workflow
</string>
</key>
<value>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAA
M
=
</string>
</persistent>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAA
Q
=
</string>
</persistent>
</value>
</value>
</item>
</item>
</dictionary>
</dictionary>
...
@@ -82,7 +103,7 @@
...
@@ -82,7 +103,7 @@
</dictionary>
</dictionary>
</pickle>
</pickle>
</record>
</record>
<record
id=
"
3"
aka=
"AAAAAAAAAAM
="
>
<record
id=
"
4"
aka=
"AAAAAAAAAAQ
="
>
<pickle>
<pickle>
<global
name=
"WorkflowHistoryList"
module=
"Products.ERP5Type.patches.WorkflowTool"
/>
<global
name=
"WorkflowHistoryList"
module=
"Products.ERP5Type.patches.WorkflowTool"
/>
</pickle>
</pickle>
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment