16 |
16 |
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
17 |
17 |
|
18 |
18 |
import os
|
|
19 |
import json
|
19 |
20 |
|
20 |
21 |
import pytest
|
21 |
22 |
import mock
|
... | ... | |
124 |
125 |
'use_tls': False,
|
125 |
126 |
'attributes': ['jpegPhoto'],
|
126 |
127 |
}]
|
|
128 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
|
129 |
|
127 |
130 |
result = client.post('/login/', {'login-password-submit': '1',
|
128 |
131 |
'username': USERNAME,
|
129 |
132 |
'password': PASS}, follow=True)
|
... | ... | |
152 |
155 |
'basedn': u'o=ôrga',
|
153 |
156 |
'use_tls': False,
|
154 |
157 |
}]
|
|
158 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
155 |
159 |
result = client.post('/login/', {'login-password-submit': '1',
|
156 |
160 |
'username': USERNAME,
|
157 |
161 |
'password': PASS}, follow=True)
|
... | ... | |
179 |
183 |
'is_superuser': True,
|
180 |
184 |
'is_staff': True,
|
181 |
185 |
}]
|
|
186 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
182 |
187 |
utils.login(app, simple_user, path='/admin/')
|
183 |
188 |
utils.login(app, UID, password=PASS, path='/admin/')
|
184 |
189 |
|
... | ... | |
218 |
223 |
'use_tls': False,
|
219 |
224 |
'ou_slug': 'test',
|
220 |
225 |
}]
|
|
226 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
221 |
227 |
result = client.post('/login/', {'login-password-submit': '1',
|
222 |
228 |
'username': USERNAME,
|
223 |
229 |
'password': PASS}, follow=True)
|
... | ... | |
239 |
245 |
'use_tls': False,
|
240 |
246 |
'ou_slug': 'test',
|
241 |
247 |
}]
|
|
248 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
242 |
249 |
with pytest.raises(ImproperlyConfigured):
|
243 |
250 |
client.post('/login/', {'login-password-submit': '1',
|
244 |
251 |
'username': USERNAME,
|
... | ... | |
272 |
279 |
[u'cn=group1,o=ôrga', ['Group1']],
|
273 |
280 |
],
|
274 |
281 |
}]
|
|
282 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
275 |
283 |
assert Group.objects.filter(name='Group1').count() == 0
|
276 |
284 |
response = client.post('/login/', {'login-password-submit': '1',
|
277 |
285 |
'username': USERNAME,
|
... | ... | |
294 |
302 |
],
|
295 |
303 |
'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))',
|
296 |
304 |
}]
|
|
305 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
297 |
306 |
assert Group.objects.filter(name='Group2').count() == 0
|
298 |
307 |
response = client.post('/login/', {'login-password-submit': '1',
|
299 |
308 |
'username': USERNAME,
|
... | ... | |
335 |
344 |
],
|
336 |
345 |
'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))',
|
337 |
346 |
}]
|
|
347 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
338 |
348 |
response = client.post('/login/', {'login-password-submit': '1',
|
339 |
349 |
'username': USERNAME,
|
340 |
350 |
'password': PASS}, follow=True)
|
... | ... | |
351 |
361 |
'use_tls': False,
|
352 |
362 |
'groupsu': [u'cn=group1,o=ôrga'],
|
353 |
363 |
}]
|
|
364 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
354 |
365 |
response = client.post('/login/', {'login-password-submit': '1',
|
355 |
366 |
'username': USERNAME,
|
356 |
367 |
'password': PASS}, follow=True)
|
... | ... | |
369 |
380 |
'use_tls': False,
|
370 |
381 |
'groupstaff': [u'cn=group1,o=ôrga'],
|
371 |
382 |
}]
|
|
383 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
372 |
384 |
response = client.post('/login/', {'login-password-submit': '1',
|
373 |
385 |
'username': 'etienne.michu',
|
374 |
386 |
'password': PASS}, follow=True)
|
... | ... | |
392 |
404 |
],
|
393 |
405 |
'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))',
|
394 |
406 |
}]
|
|
407 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
395 |
408 |
save = mock.Mock(wraps=ldap_backend.LDAPUser.save)
|
396 |
409 |
ldap_backend.LDAPUser.save = MethodType(save, None, ldap_backend.LDAPUser)
|
397 |
410 |
bulk_create = mock.Mock(wraps=django.db.models.query.QuerySet.bulk_create)
|
... | ... | |
468 |
481 |
'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))',
|
469 |
482 |
'set_mandatory_roles': ['tech', 'admin'],
|
470 |
483 |
}]
|
|
484 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
471 |
485 |
|
472 |
486 |
list(ldap_backend.LDAPBackend.get_users())
|
473 |
487 |
assert User.objects.first().roles.count() == 2
|
... | ... | |
485 |
499 |
'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))',
|
486 |
500 |
'set_mandatory_roles': ['tech', 'admin'],
|
487 |
501 |
}]
|
|
502 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
488 |
503 |
|
489 |
504 |
list(ldap_backend.LDAPBackend.get_users())
|
490 |
505 |
assert User.objects.first().roles.count() == 0
|
... | ... | |
506 |
521 |
'{0}to * by dn.subtree="o=ôrga" none by * manage'
|
507 |
522 |
])
|
508 |
523 |
])
|
|
524 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
509 |
525 |
return slapd
|
510 |
526 |
|
511 |
527 |
|
... | ... | |
522 |
538 |
'group_filter': '(&(memberUid={uid})(objectClass=posixGroup))',
|
523 |
539 |
'set_mandatory_roles': ['tech', 'admin'],
|
524 |
540 |
}]
|
|
541 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
525 |
542 |
response = app.get('/login/')
|
526 |
543 |
response.form.set('username', USERNAME)
|
527 |
544 |
response.form.set('password', PASS)
|
... | ... | |
545 |
562 |
'basedn': u'o=ôrga',
|
546 |
563 |
'use_tls': False,
|
547 |
564 |
}]
|
|
565 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
548 |
566 |
assert User.objects.count() == 0
|
549 |
567 |
# first login
|
550 |
568 |
response = app.get('/login/')
|
... | ... | |
592 |
610 |
'use_tls': False,
|
593 |
611 |
'user_can_change_password': False,
|
594 |
612 |
}]
|
|
613 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
595 |
614 |
assert User.objects.count() == 0
|
596 |
615 |
# first login
|
597 |
616 |
response = app.get('/login/')
|
... | ... | |
617 |
636 |
'basedn': u'o=ôrga',
|
618 |
637 |
'use_tls': False,
|
619 |
638 |
}]
|
|
639 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
620 |
640 |
result = client.post('/login/', {'login-password-submit': '1',
|
621 |
641 |
'username': USERNAME,
|
622 |
642 |
'password': PASS}, follow=True)
|
... | ... | |
667 |
687 |
},
|
668 |
688 |
]
|
669 |
689 |
}]
|
|
690 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
670 |
691 |
|
671 |
692 |
# create a locality attribute
|
672 |
693 |
models.Attribute.objects.create(
|
... | ... | |
710 |
731 |
'basedn': u'o=ôrga',
|
711 |
732 |
'use_tls': False,
|
712 |
733 |
}]
|
|
734 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
713 |
735 |
user = authenticate(username=u'etienne.michu', password=u'passé')
|
714 |
736 |
assert user
|
715 |
737 |
assert user.check_password(u'passé')
|
... | ... | |
728 |
750 |
'ou_slug': ou1.slug,
|
729 |
751 |
'use_tls': False,
|
730 |
752 |
}]
|
|
753 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
731 |
754 |
settings.A2_LOGIN_FORM_OU_SELECTOR = True
|
732 |
755 |
|
733 |
756 |
# Check login to the wrong ou does not work
|
... | ... | |
756 |
779 |
'basedn': u'o=ôrga',
|
757 |
780 |
'use_tls': False,
|
758 |
781 |
}]
|
|
782 |
settings.LDAP_AUTH_SETTINGS = json.loads(json.dumps(settings.LDAP_AUTH_SETTINGS))
|
759 |
783 |
settings.A2_LOGIN_FORM_OU_SELECTOR = True
|
760 |
784 |
|
761 |
785 |
# Check login to the wrong ou does not work
|
762 |
|
-
|