26 |
26 |
import py
|
27 |
27 |
|
28 |
28 |
from authentic2.a2_rbac.utils import get_default_ou
|
29 |
|
from authentic2_auth_oidc.models import OIDCProvider
|
|
29 |
from authentic2.models import UserExternalId
|
|
30 |
from authentic2_auth_oidc.models import OIDCProvider, OIDCAccount
|
30 |
31 |
from django_rbac.models import ADMIN_OP
|
31 |
32 |
from django_rbac.models import Operation
|
32 |
33 |
from django_rbac.utils import get_operation
|
... | ... | |
37 |
38 |
|
38 |
39 |
from .utils import login, call_command
|
39 |
40 |
|
|
41 |
User = get_user_model()
|
|
42 |
|
40 |
43 |
if six.PY2:
|
41 |
44 |
FileType = file # noqa: F821
|
42 |
45 |
else:
|
... | ... | |
57 |
60 |
assert old_pass != simple_user.password
|
58 |
61 |
|
59 |
62 |
|
60 |
|
def test_clean_unused_account(db, simple_user, mailoutbox, freezer):
|
|
63 |
def test_clean_unused_account(db, simple_user, mailoutbox, freezer, settings):
|
|
64 |
settings.LDAP_AUTH_SETTINGS = [{'realm': 'ldap', 'url': 'ldap://ldap.com/', 'basedn': 'dc=ldap,dc=com'}]
|
|
65 |
ldap_user = User.objects.create(username='ldap-user',
|
|
66 |
email='ldap-user@example.com',
|
|
67 |
ou=simple_user.ou)
|
|
68 |
oidc_user = User.objects.create(username='oidc-user',
|
|
69 |
email='oidc-user@example.com',
|
|
70 |
ou=simple_user.ou)
|
|
71 |
UserExternalId.objects.create(user=ldap_user, source='ldap',
|
|
72 |
external_id='whatever')
|
|
73 |
provider = OIDCProvider.objects.create(name='oidc', ou=simple_user.ou)
|
|
74 |
OIDCAccount.objects.create(user=oidc_user, provider=provider, sub='1')
|
|
75 |
|
61 |
76 |
email = simple_user.email
|
62 |
77 |
freezer.move_to('2018-01-01')
|
63 |
78 |
simple_user.ou.clean_unused_accounts_alert = 2
|
64 |
79 |
simple_user.ou.clean_unused_accounts_deletion = 3
|
65 |
80 |
simple_user.ou.save()
|
66 |
81 |
|
67 |
|
simple_user.last_login = now() - datetime.timedelta(days=2)
|
68 |
|
simple_user.save()
|
|
82 |
last_login = now() - datetime.timedelta(days=2, seconds=30)
|
|
83 |
for user in (simple_user, ldap_user, oidc_user):
|
|
84 |
user.last_login = last_login
|
|
85 |
user.save()
|
69 |
86 |
|
70 |
87 |
call_command('clean-unused-accounts')
|
71 |
|
simple_user.refresh_from_db()
|
72 |
|
assert not simple_user.deleted
|
|
88 |
|
|
89 |
for user in (simple_user, ldap_user, oidc_user):
|
|
90 |
user.refresh_from_db()
|
|
91 |
assert not simple_user.deleted
|
73 |
92 |
assert len(mailoutbox) == 1
|
74 |
93 |
|
75 |
94 |
freezer.move_to('2018-01-01 12:00:00')
|
76 |
95 |
# no new mail, no deletion
|
77 |
96 |
call_command('clean-unused-accounts')
|
78 |
|
simple_user.refresh_from_db()
|
79 |
|
assert not simple_user.deleted
|
|
97 |
for user in (simple_user, ldap_user, oidc_user):
|
|
98 |
user.refresh_from_db()
|
|
99 |
assert not simple_user.deleted
|
80 |
100 |
assert len(mailoutbox) == 1
|
81 |
101 |
|
82 |
102 |
freezer.move_to('2018-01-02')
|
83 |
103 |
call_command('clean-unused-accounts')
|
|
104 |
for user in (ldap_user, oidc_user):
|
|
105 |
user.refresh_from_db()
|
|
106 |
assert not simple_user.deleted
|
84 |
107 |
simple_user.refresh_from_db()
|
85 |
108 |
assert simple_user.deleted
|
86 |
109 |
assert len(mailoutbox) == 2
|
... | ... | |
318 |
341 |
settings.A2_EMAIL_IS_UNIQUE = False
|
319 |
342 |
settings.A2_USERNAME_IS_UNIQUE = False
|
320 |
343 |
|
321 |
|
User = get_user_model()
|
322 |
344 |
user1 = User.objects.create(
|
323 |
345 |
username='foo', email='foo@example.net',
|
324 |
346 |
first_name='Toto', last_name='Foo')
|
325 |
|
-
|