Commit 6940b138 authored by Vincent Pelletier's avatar Vincent Pelletier

tests: Use self.request(..., basic='...') to simulate authentication.

__ac_name & __ac_password are only useful to get a cookie, so only use them
when the test is actually expecting a cookie.
parent bd9c5836
...@@ -28,6 +28,7 @@ ...@@ -28,6 +28,7 @@
# #
############################################################################## ##############################################################################
from functools import partial
import unittest import unittest
import urllib import urllib
from StringIO import StringIO from StringIO import StringIO
...@@ -603,10 +604,13 @@ class TestAuthenticationPolicy(ERP5TypeTestCase): ...@@ -603,10 +604,13 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
time.sleep(1) time.sleep(1)
self.assertTrue(login.isPasswordExpired()) self.assertTrue(login.isPasswordExpired())
publish = partial(
self.publish,
portal.absolute_url_path() + '/view',
basic=self.id() + ':password',
)
# User cannot login # User cannot login
path = portal.absolute_url_path() + '/view?__ac_name=%s&__ac_password=%s' % ( response = publish()
self.id(), 'password')
response = self.publish(path)
self.assertTrue(response.getHeader("Location").endswith("login_form")) self.assertTrue(response.getHeader("Location").endswith("login_form"))
self.tic() self.tic()
...@@ -615,7 +619,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase): ...@@ -615,7 +619,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
portal_type='Credential Recovery') portal_type='Credential Recovery')
# trying to login again does not create a new credential recovery # trying to login again does not create a new credential recovery
response = self.publish(path) response = publish()
self.tic() self.tic()
credential_recovery, = login.getDestinationDecisionRelatedValueList( credential_recovery, = login.getDestinationDecisionRelatedValueList(
portal_type='Credential Recovery') portal_type='Credential Recovery')
...@@ -640,24 +644,30 @@ class TestAuthenticationPolicy(ERP5TypeTestCase): ...@@ -640,24 +644,30 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
login.setPassword('used_ALREADY_1234') login.setPassword('used_ALREADY_1234')
self.tic() self.tic()
path = portal.absolute_url_path() + '/view?__ac_name=%s&__ac_password=%s' %('test-05', 'used_ALREADY_1234') response = self.publish(
response = self.publish(path) portal.absolute_url_path() + '/view',
basic='test-05:used_ALREADY_1234',
)
self.assertTrue('Welcome to ERP5' in response.getBody()) self.assertTrue('Welcome to ERP5' in response.getBody())
self.assertFalse(login.isLoginBlocked()) self.assertFalse(login.isLoginBlocked())
publish = partial(
self.publish,
portal.absolute_url_path() + '/view',
basic='test-05:bad_test',
)
# fail request #1 # fail request #1
path = portal.absolute_url_path() + '/view?__ac_name=%s&__ac_password=%s' %('test-05', 'bad_test') response = publish()
response = self.publish(path)
self.assertTrue(response.getHeader("Location").endswith("login_form")) self.assertTrue(response.getHeader("Location").endswith("login_form"))
self.assertFalse(login.isLoginBlocked()) self.assertFalse(login.isLoginBlocked())
# fail request #2 # fail request #2
response = self.publish(path) response = publish()
self.assertTrue(response.getHeader("Location").endswith("login_form")) self.assertTrue(response.getHeader("Location").endswith("login_form"))
self.assertFalse(login.isLoginBlocked()) self.assertFalse(login.isLoginBlocked())
# fail request #3 # fail request #3
response = self.publish(path) response = publish()
self.assertTrue(response.getHeader("Location").endswith("login_form")) self.assertTrue(response.getHeader("Location").endswith("login_form"))
self.assertTrue(login.isLoginBlocked()) self.assertTrue(login.isLoginBlocked())
...@@ -665,8 +675,12 @@ class TestAuthenticationPolicy(ERP5TypeTestCase): ...@@ -665,8 +675,12 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
# test message that account is blocked # test message that account is blocked
self.assertTrue(login.isLoginBlocked()) self.assertTrue(login.isLoginBlocked())
path = portal.absolute_url_path() + '/logged_in?__ac_name=%s&__ac_password=%s' %('test-05', 'used_ALREADY_1234') publish = partial(
response = self.publish(path) self.publish,
portal.absolute_url_path() + '/logged_in',
basic='test-05:used_ALREADY_1234',
)
response = publish()
self.assertTrue(response.getHeader("Location").endswith("login_form?portal_status_message=Account is blocked.")) self.assertTrue(response.getHeader("Location").endswith("login_form?portal_status_message=Account is blocked."))
# test expire password message, first unblock it # test expire password message, first unblock it
...@@ -674,7 +688,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase): ...@@ -674,7 +688,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
preference.setPreferredMaxPasswordLifetimeDuration(0) preference.setPreferredMaxPasswordLifetimeDuration(0)
self.tic() self.tic()
self._clearCache() self._clearCache()
response = self.publish(path) response = publish()
self.assertTrue(response.getHeader("Location").endswith("login_form?portal_status_message=Password is expired.")) self.assertTrue(response.getHeader("Location").endswith("login_form?portal_status_message=Password is expired."))
self.assertTrue(login.isPasswordExpired()) self.assertTrue(login.isPasswordExpired())
...@@ -683,7 +697,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase): ...@@ -683,7 +697,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
preference.setPreferredPasswordLifetimeExpireWarningDuration(24) preference.setPreferredPasswordLifetimeExpireWarningDuration(24)
self.tic() self.tic()
self._clearCache() self._clearCache()
response = self.publish(path) response = publish()
self.assertTrue('Your password will expire' in response.getHeader("Location")) self.assertTrue('Your password will expire' in response.getHeader("Location"))
self.assertTrue('You are advised to change it as soon as possible' in response.getHeader("Location")) self.assertTrue('You are advised to change it as soon as possible' in response.getHeader("Location"))
...@@ -692,8 +706,10 @@ class TestAuthenticationPolicy(ERP5TypeTestCase): ...@@ -692,8 +706,10 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
preference.setPreferredPasswordLifetimeExpireWarningDuration(12) preference.setPreferredPasswordLifetimeExpireWarningDuration(12)
self.tic() self.tic()
self._clearCache() self._clearCache()
path = portal.absolute_url_path() + '/view?__ac_name=%s&__ac_password=%s' %('test-05', 'used_ALREADY_1234') response = self.publish(
response = self.publish(path) portal.absolute_url_path() + '/view',
basic='test-05:used_ALREADY_1234',
)
self.assertTrue('Welcome to ERP5' in response.getBody()) self.assertTrue('Welcome to ERP5' in response.getBody())
def test_ExpireOldAuthenticationEventList(self): def test_ExpireOldAuthenticationEventList(self):
......
...@@ -898,6 +898,11 @@ class TestLocalRoleManagement(RoleManagementTestCase): ...@@ -898,6 +898,11 @@ class TestLocalRoleManagement(RoleManagementTestCase):
def testSimpleLocalRole(self): def testSimpleLocalRole(self):
"""Test simple case of setting a role. """Test simple case of setting a role.
""" """
def viewSecurity():
return self.publish(
self.portal.absolute_url_path() + '/Base_viewSecurity',
basic='%s:%s' % (self.username, self.username),
)
self._getTypeInfo().newContent(portal_type='Role Information', self._getTypeInfo().newContent(portal_type='Role Information',
role_name='Assignor', role_name='Assignor',
description='desc.', description='desc.',
...@@ -913,9 +918,7 @@ class TestLocalRoleManagement(RoleManagementTestCase): ...@@ -913,9 +918,7 @@ class TestLocalRoleManagement(RoleManagementTestCase):
# check if assignment change is effective immediately # check if assignment change is effective immediately
self.login() self.login()
res = self.publish(self.portal.absolute_url_path() + \ res = viewSecurity()
'/Base_viewSecurity?__ac_name=%s&__ac_password=%s' % \
(self.username, self.username))
self.assertEqual([x for x in res.body.splitlines() if x.startswith('-->')], self.assertEqual([x for x in res.body.splitlines() if x.startswith('-->')],
["--> ['F1_G1_S1']"], res.body) ["--> ['F1_G1_S1']"], res.body)
assignment = self.person.newContent( portal_type='Assignment', assignment = self.person.newContent( portal_type='Assignment',
...@@ -923,15 +926,11 @@ class TestLocalRoleManagement(RoleManagementTestCase): ...@@ -923,15 +926,11 @@ class TestLocalRoleManagement(RoleManagementTestCase):
site='subcat', site='subcat',
function='another_subcat' ) function='another_subcat' )
assignment.open() assignment.open()
res = self.publish(self.portal.absolute_url_path() + \ res = viewSecurity()
'/Base_viewSecurity?__ac_name=%s&__ac_password=%s' % \
(self.username, self.username))
self.assertEqual([x for x in res.body.splitlines() if x.startswith('-->')], self.assertEqual([x for x in res.body.splitlines() if x.startswith('-->')],
["--> ['F1_G1_S1']", "--> ['F2_G1_S1']"], res.body) ["--> ['F1_G1_S1']", "--> ['F2_G1_S1']"], res.body)
assignment.setGroup('another_subcat') assignment.setGroup('another_subcat')
res = self.publish(self.portal.absolute_url_path() + \ res = viewSecurity()
'/Base_viewSecurity?__ac_name=%s&__ac_password=%s' % \
(self.username, self.username))
self.assertEqual([x for x in res.body.splitlines() if x.startswith('-->')], self.assertEqual([x for x in res.body.splitlines() if x.startswith('-->')],
["--> ['F1_G1_S1']", "--> ['F2_G2_S1']"], res.body) ["--> ['F1_G1_S1']", "--> ['F2_G2_S1']"], res.body)
self.abort() self.abort()
...@@ -1181,11 +1180,15 @@ class TestKeyAuthentication(RoleManagementTestCase): ...@@ -1181,11 +1180,15 @@ class TestKeyAuthentication(RoleManagementTestCase):
response = self.publish('%s/%s?__ac_key=%s' %(base_url, web_page.getReference(), response = self.publish('%s/%s?__ac_key=%s' %(base_url, web_page.getReference(),
key)) key))
self.assertEqual(response.getStatus(), 200) self.assertEqual(response.getStatus(), 200)
response = self.publish('%s/%s?__ac_name=%s&__ac_password=%s' % ( response = self.publish(
base_url, web_page.getReference(), reference, 'guest')) base_url + '/' + web_page.getReference(),
basic=reference + ':guest',
)
self.assertEqual(response.getStatus(), 200) self.assertEqual(response.getStatus(), 200)
response = self.publish('%s/%s?__ac_name=%s&__ac_password=%s' % ( response = self.publish(
base_url, web_page.getReference(), 'ERP5TypeTestCase', '')) base_url + '/' + web_page.getReference(),
basic='ERP5TypeTestCase:',
)
self.assertEqual(response.getStatus(), 200) self.assertEqual(response.getStatus(), 200)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment