tests: Use self.request(..., basic='...') to simulate authentication.

__ac_name & __ac_password are only useful to get a cookie, so only use them
when the test is actually expecting a cookie.

product/ERP5/tests/testAuthenticationPolicy.py

@@ -28,6 +28,7 @@
 #
 ##############################################################################
 
+from functools import partial
 import unittest
 import urllib
 from StringIO import StringIO
@@ -603,10 +604,13 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
     time.sleep(1)
     self.assertTrue(login.isPasswordExpired())
 
+    publish = partial(
+      self.publish,
+      portal.absolute_url_path() + '/view',
+      basic=self.id() + ':password',
+    )
     # User cannot login
-    path = portal.absolute_url_path() + '/view?__ac_name=%s&__ac_password=%s' % (
-      self.id(), 'password')
-    response = self.publish(path)
+    response = publish()
     self.assertTrue(response.getHeader("Location").endswith("login_form"))
     self.tic()
 
@@ -615,7 +619,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
         portal_type='Credential Recovery')
 
     # trying to login again does not create a new credential recovery
-    response = self.publish(path)
+    response = publish()
     self.tic()
     credential_recovery, = login.getDestinationDecisionRelatedValueList(
         portal_type='Credential Recovery')
@@ -640,24 +644,30 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
     login.setPassword('used_ALREADY_1234')
     self.tic()
 
-    path = portal.absolute_url_path() + '/view?__ac_name=%s&__ac_password=%s'  %('test-05', 'used_ALREADY_1234')
-    response = self.publish(path)
+    response = self.publish(
+      portal.absolute_url_path() + '/view',
+      basic='test-05:used_ALREADY_1234',
+    )
     self.assertTrue('Welcome to ERP5' in response.getBody())
     self.assertFalse(login.isLoginBlocked())
 
+    publish = partial(
+      self.publish,
+      portal.absolute_url_path() + '/view',
+      basic='test-05:bad_test',
+    )
     # fail request #1
-    path = portal.absolute_url_path() + '/view?__ac_name=%s&__ac_password=%s'  %('test-05', 'bad_test')
-    response = self.publish(path)
+    response = publish()
     self.assertTrue(response.getHeader("Location").endswith("login_form"))
     self.assertFalse(login.isLoginBlocked())
 
     # fail request #2
-    response = self.publish(path)
+    response = publish()
     self.assertTrue(response.getHeader("Location").endswith("login_form"))
     self.assertFalse(login.isLoginBlocked())
 
     # fail request #3
-    response = self.publish(path)
+    response = publish()
     self.assertTrue(response.getHeader("Location").endswith("login_form"))
     self.assertTrue(login.isLoginBlocked())
 
@@ -665,8 +675,12 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
 
     # test message that account is blocked
     self.assertTrue(login.isLoginBlocked())
-    path = portal.absolute_url_path() + '/logged_in?__ac_name=%s&__ac_password=%s'  %('test-05', 'used_ALREADY_1234')
-    response = self.publish(path)
+    publish = partial(
+      self.publish,
+      portal.absolute_url_path() + '/logged_in',
+      basic='test-05:used_ALREADY_1234',
+    )
+    response = publish()
     self.assertTrue(response.getHeader("Location").endswith("login_form?portal_status_message=Account is blocked."))
 
     # test expire password message, first unblock it
@@ -674,7 +688,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
     preference.setPreferredMaxPasswordLifetimeDuration(0)
     self.tic()
     self._clearCache()
-    response = self.publish(path)
+    response = publish()
     self.assertTrue(response.getHeader("Location").endswith("login_form?portal_status_message=Password is expired."))
     self.assertTrue(login.isPasswordExpired())
 
@@ -683,7 +697,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
     preference.setPreferredPasswordLifetimeExpireWarningDuration(24)
     self.tic()
     self._clearCache()
-    response = self.publish(path)
+    response = publish()
 
     self.assertTrue('Your password will expire' in response.getHeader("Location"))
     self.assertTrue('You are advised to change it as soon as possible' in response.getHeader("Location"))
@@ -692,8 +706,10 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
     preference.setPreferredPasswordLifetimeExpireWarningDuration(12)
     self.tic()
     self._clearCache()
-    path = portal.absolute_url_path() + '/view?__ac_name=%s&__ac_password=%s'  %('test-05', 'used_ALREADY_1234')
-    response = self.publish(path)
+    response = self.publish(
+      portal.absolute_url_path() + '/view',
+      basic='test-05:used_ALREADY_1234',
+    )
     self.assertTrue('Welcome to ERP5' in response.getBody())
 
   def test_ExpireOldAuthenticationEventList(self):

product/ERP5Security/tests/testERP5Security.py

@@ -898,6 +898,11 @@ class TestLocalRoleManagement(RoleManagementTestCase):
   def testSimpleLocalRole(self):
     """Test simple case of setting a role.
     """
+    def viewSecurity():
+      return self.publish(
+        self.portal.absolute_url_path() + '/Base_viewSecurity',
+        basic='%s:%s' % (self.username, self.username),
+      )
     self._getTypeInfo().newContent(portal_type='Role Information',
       role_name='Assignor',
       description='desc.',
@@ -913,9 +918,7 @@ class TestLocalRoleManagement(RoleManagementTestCase):
 
     # check if assignment change is effective immediately
     self.login()
-    res = self.publish(self.portal.absolute_url_path() + \
-                       '/Base_viewSecurity?__ac_name=%s&__ac_password=%s' % \
-                       (self.username, self.username))
+    res = viewSecurity()
     self.assertEqual([x for x in res.body.splitlines() if x.startswith('-->')],
                      ["--> ['F1_G1_S1']"], res.body)
     assignment = self.person.newContent( portal_type='Assignment',
@@ -923,15 +926,11 @@ class TestLocalRoleManagement(RoleManagementTestCase):
                                   site='subcat',
                                   function='another_subcat' )
     assignment.open()
-    res = self.publish(self.portal.absolute_url_path() + \
-                       '/Base_viewSecurity?__ac_name=%s&__ac_password=%s' % \
-                       (self.username, self.username))
+    res = viewSecurity()
     self.assertEqual([x for x in res.body.splitlines() if x.startswith('-->')],
                      ["--> ['F1_G1_S1']", "--> ['F2_G1_S1']"], res.body)
     assignment.setGroup('another_subcat')
-    res = self.publish(self.portal.absolute_url_path() + \
-                       '/Base_viewSecurity?__ac_name=%s&__ac_password=%s' % \
-                       (self.username, self.username))
+    res = viewSecurity()
     self.assertEqual([x for x in res.body.splitlines() if x.startswith('-->')],
                      ["--> ['F1_G1_S1']", "--> ['F2_G2_S1']"], res.body)
     self.abort()
@@ -1181,11 +1180,15 @@ class TestKeyAuthentication(RoleManagementTestCase):
     response = self.publish('%s/%s?__ac_key=%s' %(base_url, web_page.getReference(),
                                                   key))
     self.assertEqual(response.getStatus(), 200)
-    response = self.publish('%s/%s?__ac_name=%s&__ac_password=%s' % (
-      base_url, web_page.getReference(), reference, 'guest'))
+    response = self.publish(
+      base_url + '/' + web_page.getReference(),
+      basic=reference + ':guest',
+    )
     self.assertEqual(response.getStatus(), 200)
-    response = self.publish('%s/%s?__ac_name=%s&__ac_password=%s' % (
-      base_url, web_page.getReference(), 'ERP5TypeTestCase', ''))
+    response = self.publish(
+      base_url + '/' + web_page.getReference(),
+      basic='ERP5TypeTestCase:',
+    )
     self.assertEqual(response.getStatus(), 200)