Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Ludovic Kiefer
erp5
Commits
f6c6c15c
Commit
f6c6c15c
authored
10 years ago
by
Alain Takoudjou
Committed by
Rafael Monnerat
10 years ago
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add unit test testERP5AccessTokenSkins
parent
0af49c72
master
allow_login_change
allow_login_change_wip
arnau
arnau-RD-Components-CacheTool
arnau-RD-Components-Products-import-compat
arnau-RD-Components-astroid_cache_per_component_reset
arnau-RD-Components-erp5_crm
arnau-RD-Components-erp5_trade-TODO-Interactor
arnau-TM-Components-Migrate-PortalTransforms
arnau-TM-Components-ModuleSecurityInfo
arnau-TM-Components-PortalTransforms
arnau-TM-FEC-output
arnau-TM-isBuildable-with-multiple-BusinessLinks
arnau-TM-jabber-client-desktop-notifications
arnau-TM-newContent-temp_object
arnau-TM-runUnitTest-clear-previous-execution-catalog
arnau-TM-wkhtmltopdf
arnau-WIP
arnau-kns
arnau-kns-without-property-mapping
arnau-real-time-inventory-accounting
auto_extend_select_list
autoflake
backup_erp5_workflow
bk_erp5ish_actions_tool
bk_sqlcatalog
bt5_config
callable-jupyter-storage
catalog_filter
catalog_fulltext
catalog_fulltext_old
cedriclen-eos
cherry-pick-4a8e045d
clean_up_upgrader
cleanup_acquisition_base_category
cmf_upgrade_versions
datetimefield
delivery_item_barcode
douglas_forum
dream_distributor
dsn-phase3
enhance_scalability_testing
eos-dev
erp5-component
erp5-forum
erp5-imt
erp5-messenger
erp5-preference
erp5-release
erp5-slapos-upgrade
erp5-vifib
erp5-vifib-cleanup
erp5_catalog
erp5_catalog_final
erp5_corporate_identity
erp5_free_subscription
erp5_hal_json_style_fix_restricted_access_with_traverse
erp5_payslip_migration
erp5_workflow
erp5testnode_max_timeout
feat/ERP5JS_google_login
feat/accept-multiple-portal-types-as-external-login
feat/coding_style_form_naming
feat/configurator_bt_categories
feat/dms_implicit_predecessor_successor_fields
feat/erp5_ide
feat/inventory_api_group_by_time_interval_list
feat/no_update_button
feat/olapy
feat/python_language_support
feat/stock_browser_navigation
feat/validated_currency
feature/renderjs-ui-no-header
fix/advance_ecommerce_coding_crimes
fix/base_call_dialog_method_log
fix/configurator_workflow_cleanups
fix/login_validate_check_consistency
fix/support-request-app-empty
fix/test_result_after_mep
fix/workflow_method_security
for_testrunner_1
for_testrunner_2
for_testrunner_3
for_testrunner_4
gadget-json-value
hotfix/rjs-formfields-padding
improve_default_caching_policy_manager
initsite
isDeletable
jerome_graph_editor_renderjs
jerome_user_preference_time_zone
jm/form-action-guard
js-ui
kns
listbox_url
macros_fix
mic_wind
monitoring-graph
no_longer_simulated_state
officejs
officejs_slideshow_editor
portal_callables
portal_solver_process_security_configuration
publish_recursiveReindexObject
refactor/base_edit
reindex_calendar_after_change_calendar_exception
reveal_editor
reveal_editor_bak
revert-38554dbe
scalability-master
scalability-roque
scalability-roque-2
scalability-run-command
shop-box
shop-box-rebase
streaming_fix
streaming_fix-0
taskdistribution-xmlrpc-binary
testnode_software_link
timezones
tristan
tristan-merge
trustable-x-forwarded-for
valentin_translation_fix
view-aggregated-amounts
vivekpab_renderjs_interfaces
wenjie
wenjie_branch
wsgi
wsgi-gevent
wsgi_backport_setbody_lock
wsgi_medusa_stream_fix
0.4.59.1
0.4.59
test-ui
test-rjsacc
test-rjs
renderjs-test
erp5.util-0.4.68
erp5.util-0.4.67
erp5.util-0.4.66
erp5.util-0.4.65
erp5.util-0.4.64
erp5.util-0.4.63
erp5.util-0.4.62
erp5.util-0.4.61
erp5.util-0.4.60
erp5.util-0.4.59.1
erp5.util-0.4.59
erp5.util-0.4.58
erp5.util-0.4.57
erp5.util-0.4.56
erp5.util-0.4.55
erp5.util-0.4.54
erp5.util-0.4.53
erp5.util-0.4.52
erp5.util-0.4.49
erp5.util-0.4.46
erp5.util-0.4.44
erp5.util-0.4.43
No related merge requests found
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
256 additions
and
2 deletions
+256
-2
bt5/erp5_access_token/TestTemplateItem/testERP5AccessTokenSkins.py
...access_token/TestTemplateItem/testERP5AccessTokenSkins.py
+253
-0
bt5/erp5_access_token/bt/revision
bt5/erp5_access_token/bt/revision
+1
-1
bt5/erp5_access_token/bt/template_test_id_list
bt5/erp5_access_token/bt/template_test_id_list
+2
-1
No files found.
bt5/erp5_access_token/TestTemplateItem/testERP5AccessTokenSkins.py
0 → 100644
View file @
f6c6c15c
# Copyright (c) 2002-2013 Nexedi SA and Contributors. All Rights Reserved.
from
Products.ERP5Type.tests.ERP5TypeTestCase
import
ERP5TypeTestCase
import
transaction
class
TestERP5AccessTokenSkins
(
ERP5TypeTestCase
):
test_token_extraction_id
=
'test_erp5_access_token_extraction'
def
generateNewId
(
self
):
return
str
(
self
.
portal
.
portal_ids
.
generateNewId
(
id_group
=
(
'erp5_access_token_test_id'
)))
def
afterSetUp
(
self
):
"""
This is ran before anything, used to set the environment
"""
self
.
portal
=
self
.
getPortalObject
()
self
.
new_id
=
self
.
generateNewId
()
self
.
_setupAccessTokenExtraction
()
transaction
.
commit
()
self
.
tic
()
def
_setupAccessTokenExtraction
(
self
):
pas
=
self
.
portal
.
acl_users
access_extraction_list
=
[
q
for
q
in
pas
.
objectValues
()
\
if
q
.
meta_type
==
'ERP5 Access Token Extraction Plugin'
]
if
len
(
access_extraction_list
)
==
0
:
dispacher
=
pas
.
manage_addProduct
[
'ERP5Security'
]
dispacher
.
addERP5AccessTokenExtractionPlugin
(
self
.
test_token_extraction_id
)
getattr
(
pas
,
self
.
test_token_extraction_id
).
manage_activateInterfaces
(
(
'IExtractionPlugin'
,))
elif
len
(
access_extraction_list
)
==
1
:
self
.
test_token_extraction_id
=
access_extraction_list
[
0
].
getId
()
elif
len
(
access_extraction_list
)
>
1
:
raise
ValueError
transaction
.
commit
()
def
_createPerson
(
self
,
new_id
):
"""Creates a person in person module, and returns the object, after
indexing is done. """
person_module
=
self
.
getPersonModule
()
person
=
person_module
.
newContent
(
portal_type
=
'Person'
,
reference
=
'TESTP-'
+
new_id
)
person
.
newContent
(
portal_type
=
'Assignment'
).
open
()
transaction
.
commit
()
return
person
def
_getTokenCredential
(
self
,
request
):
plugin
=
getattr
(
self
.
portal
.
acl_users
,
self
.
test_token_extraction_id
)
return
plugin
.
extractCredentials
(
request
)
def
_createRestrictedAccessToken
(
self
,
new_id
,
person
,
method
,
url_string
):
access_token
=
self
.
portal
.
access_token_module
.
newContent
(
portal_type
=
"Restricted Access Token"
,
url_string
=
url_string
,
url_method
=
method
,
)
if
person
:
access_token
.
edit
(
agent_value
=
person
)
return
access_token
def
_createOneTimeRestrictedAccessToken
(
self
,
new_id
,
person
,
method
,
url_string
):
access_token
=
self
.
portal
.
access_token_module
.
newContent
(
portal_type
=
"One Time Restricted Access Token"
,
url_string
=
url_string
,
url_method
=
method
,
)
if
person
:
access_token
.
edit
(
agent_value
=
person
)
return
access_token
def
test_working_token
(
self
):
person
=
self
.
person
=
self
.
_createPerson
(
self
.
new_id
)
access_url
=
"http://exemple.com/foo"
access_method
=
"GET"
access_token
=
self
.
_createRestrictedAccessToken
(
self
.
new_id
,
person
,
access_method
,
access_url
)
access_token
.
validate
()
self
.
tic
()
self
.
portal
.
REQUEST
.
form
[
"access_token"
]
=
access_token
.
getId
()
self
.
portal
.
REQUEST
[
"REQUEST_METHOD"
]
=
access_method
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
access_url
self
.
portal
.
REQUEST
.
form
[
"access_token_secret"
]
=
access_token
.
getReference
()
result
=
self
.
_getTokenCredential
(
self
.
portal
.
REQUEST
)
self
.
assertEqual
(
result
.
get
(
'external_login'
),
person
.
getReference
())
def
test_bad_token
(
self
):
person
=
self
.
person
=
self
.
_createPerson
(
self
.
new_id
)
access_url
=
"http://exemple.com/foo"
access_method
=
"GET"
access_token
=
self
.
_createRestrictedAccessToken
(
self
.
new_id
,
person
,
access_method
,
access_url
)
access_token
.
validate
()
self
.
tic
()
self
.
portal
.
REQUEST
.
form
[
"access_token"
]
=
"XYSYDT-YDTYSD"
self
.
portal
.
REQUEST
[
"REQUEST_METHOD"
]
=
access_method
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
access_url
self
.
portal
.
REQUEST
.
form
[
"access_token_secret"
]
=
access_token
.
getReference
()
result
=
self
.
_getTokenCredential
(
self
.
portal
.
REQUEST
)
self
.
assertEqual
(
result
,
{})
def
test_RestrictedAccessToken_getExternalLogin
(
self
):
person
=
self
.
person
=
self
.
_createPerson
(
self
.
new_id
)
access_url
=
"http://exemple.com/foo"
access_method
=
"GET"
access_token
=
self
.
_createRestrictedAccessToken
(
self
.
new_id
,
person
,
access_method
,
access_url
)
access_token
.
validate
()
self
.
tic
()
self
.
portal
.
REQUEST
[
"REQUEST_METHOD"
]
=
access_method
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
access_url
self
.
portal
.
REQUEST
.
form
[
"access_token_secret"
]
=
access_token
.
getReference
()
result
=
access_token
.
RestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
person
.
getReference
())
self
.
assertEqual
(
access_token
.
getValidationState
(),
'validated'
)
def
test_RestrictedAccessToken_getExternalLogin_access_token_secret
(
self
):
person
=
self
.
person
=
self
.
_createPerson
(
self
.
new_id
)
access_url
=
"http://exemple.com/foo"
access_method
=
"GET"
access_token
=
self
.
_createRestrictedAccessToken
(
self
.
new_id
,
person
,
access_method
,
access_url
)
access_token
.
validate
()
self
.
tic
()
self
.
portal
.
REQUEST
[
"REQUEST_METHOD"
]
=
access_method
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
access_url
result
=
access_token
.
RestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
None
)
self
.
portal
.
REQUEST
.
form
[
"access_token_secret"
]
=
"XYXYXYXY"
self
.
assertEqual
(
result
,
None
)
self
.
portal
.
REQUEST
.
form
[
"access_token_secret"
]
=
access_token
.
getReference
()
result
=
access_token
.
RestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
person
.
getReference
())
self
.
assertEqual
(
access_token
.
getValidationState
(),
'validated'
)
def
test_RestrictedAccessToken_getExternalLogin_no_agent
(
self
):
access_url
=
"http://exemple.com/foo"
access_method
=
"GET"
access_token
=
self
.
_createRestrictedAccessToken
(
self
.
new_id
,
None
,
access_method
,
access_url
)
access_token
.
validate
()
self
.
tic
()
self
.
portal
.
REQUEST
[
"REQUEST_METHOD"
]
=
access_method
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
access_url
self
.
portal
.
REQUEST
.
form
[
"access_token_secret"
]
=
access_token
.
getReference
()
result
=
access_token
.
RestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
None
)
def
test_RestrictedAccessToken_getExternalLogin_wrong_values
(
self
):
person
=
self
.
person
=
self
.
_createPerson
(
self
.
new_id
)
access_url
=
"http://exemple.com/foo"
access_method
=
"GET"
access_token
=
self
.
_createRestrictedAccessToken
(
self
.
new_id
,
person
,
access_method
,
access_url
)
self
.
tic
()
result
=
access_token
.
RestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
None
)
access_token
.
validate
()
self
.
tic
()
self
.
portal
.
REQUEST
[
"REQUEST_METHOD"
]
=
"POST"
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
access_url
self
.
portal
.
REQUEST
.
form
[
"access_token_secret"
]
=
access_token
.
getReference
()
result
=
access_token
.
RestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
None
)
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
"http://exemple.com/foo.bar"
result
=
access_token
.
RestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
None
)
access_token
.
invalidate
()
self
.
tic
()
result
=
access_token
.
RestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
None
)
def
test_OneTimeRestrictedAccessToken_getExternalLogin
(
self
):
person
=
self
.
person
=
self
.
_createPerson
(
self
.
new_id
)
access_url
=
"http://exemple.com/foo"
access_method
=
"GET"
access_token
=
self
.
_createOneTimeRestrictedAccessToken
(
self
.
new_id
,
person
,
access_method
,
access_url
)
access_token
.
validate
()
self
.
tic
()
self
.
portal
.
REQUEST
[
"REQUEST_METHOD"
]
=
access_method
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
access_url
result
=
access_token
.
OneTimeRestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
person
.
getReference
())
self
.
assertEqual
(
access_token
.
getValidationState
(),
'invalidated'
)
def
test_OneTimeRestrictedAccessToken_getExternalLogin_wrong_values
(
self
):
person
=
self
.
person
=
self
.
_createPerson
(
self
.
new_id
)
access_url
=
"http://exemple.com/foo"
access_method
=
"POST"
access_token
=
self
.
_createOneTimeRestrictedAccessToken
(
self
.
new_id
,
person
,
access_method
,
access_url
)
self
.
tic
()
result
=
access_token
.
OneTimeRestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
None
)
access_token
.
validate
()
self
.
tic
()
self
.
portal
.
REQUEST
[
"REQUEST_METHOD"
]
=
"GET"
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
access_url
result
=
access_token
.
OneTimeRestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
None
)
self
.
portal
.
REQUEST
[
"ACTUAL_URL"
]
=
"http://exemple.com/foo.bar"
result
=
access_token
.
OneTimeRestrictedAccessToken_getExternalLogin
()
self
.
assertEqual
(
result
,
None
)
This diff is collapsed.
Click to expand it.
bt5/erp5_access_token/bt/revision
View file @
f6c6c15c
5
\ No newline at end of file
6
\ No newline at end of file
This diff is collapsed.
Click to expand it.
bt5/erp5_access_token/bt/template_test_id_list
View file @
f6c6c15c
testERP5AccessTokenAlarm
testERP5AccessTokenSkins
\ No newline at end of file
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment