0001-misc-remove-unicode-prefixed-strings-53714.patch
| doc/advanced.rst | ||
|---|---|---|
| 80 | 80 | |
| 81 | 81 |
:: |
| 82 | 82 | |
| 83 |
u'auth.user': {
|
|
| 83 |
'auth.user': {
|
|
| 84 | 84 |
'meta': {'object_name': 'User',
|
| 85 | 85 | |
| 86 | 86 |
must be rewritten like that::: |
| doc/conf.py | ||
|---|---|---|
| 48 | 48 |
master_doc = 'index' |
| 49 | 49 | |
| 50 | 50 |
# General information about the project. |
| 51 |
project = u'Authentic 2'
|
|
| 52 |
copyright = u'2012, 2011, 2010, Entr\'ouvert'
|
|
| 51 |
project = 'Authentic 2' |
|
| 52 |
copyright = '2012, 2011, 2010, Entr\'ouvert' |
|
| 53 | 53 | |
| 54 | 54 |
# The version info for the project you're documenting, acts as replacement for |
| 55 | 55 |
# |version| and |release|, also used in various other places throughout the |
| ... | ... | |
| 189 | 189 |
# Grouping the document tree into LaTeX files. List of tuples |
| 190 | 190 |
# (source start file, target name, title, author, documentclass [howto/manual]). |
| 191 | 191 |
latex_documents = [ |
| 192 |
('index', 'Authentic2.tex', u'Authentic2 Documentation', u'Entr\'ouvert', 'manual'),
|
|
| 192 |
('index', 'Authentic2.tex', 'Authentic2 Documentation', 'Entr\'ouvert', 'manual'),
|
|
| 193 | 193 |
] |
| 194 | 194 | |
| 195 | 195 |
# The name of an image file (relative to this directory) to place at the top of |
| ... | ... | |
| 217 | 217 | |
| 218 | 218 |
# One entry per manual page. List of tuples |
| 219 | 219 |
# (source start file, name, description, authors, manual section). |
| 220 |
man_pages = [('index', 'authentic2', u'Authentic2 Documentation', [u'Mikaël Ates'], 1)]
|
|
| 220 |
man_pages = [('index', 'authentic2', 'Authentic2 Documentation', [u'Mikaël Ates'], 1)]
|
|
| 221 | 221 | |
| 222 | 222 |
# If true, show URL addresses after external links. |
| 223 | 223 |
# man_show_urls = False |
| ... | ... | |
| 232 | 232 |
( |
| 233 | 233 |
'index', |
| 234 | 234 |
'Authentic2', |
| 235 |
u'Authentic2 Documentation',
|
|
| 236 |
u'Mikaël Ates',
|
|
| 235 |
'Authentic2 Documentation', |
|
| 236 |
'Mikaël Ates', |
|
| 237 | 237 |
'Authentic2', |
| 238 | 238 |
'One line description of project.', |
| 239 | 239 |
'Miscellaneous', |
| src/authentic2/a2_rbac/models.py | ||
|---|---|---|
| 394 | 394 |
verbose_name_plural = _('role parenting relations')
|
| 395 | 395 | |
| 396 | 396 |
def __str__(self): |
| 397 |
return u'{0} {1}> {2}'.format(self.parent.name, '-' if self.direct else '~', self.child.name)
|
|
| 397 |
return '{0} {1}> {2}'.format(self.parent.name, '-' if self.direct else '~', self.child.name)
|
|
| 398 | 398 | |
| 399 | 399 | |
| 400 | 400 |
class RoleAttribute(models.Model): |
| src/authentic2/api_views.py | ||
|---|---|---|
| 446 | 446 |
) |
| 447 | 447 |
except smtplib.SMTPException as e: |
| 448 | 448 |
logging.getLogger(__name__).error( |
| 449 |
u'registration mail could not be sent to user %s ' 'created through API: %s', instance, e
|
|
| 449 |
'registration mail could not be sent to user %s ' 'created through API: %s', instance, e |
|
| 450 | 450 |
) |
| 451 | 451 |
return instance |
| 452 | 452 | |
| src/authentic2/attribute_kinds.py | ||
|---|---|---|
| 224 | 224 | |
| 225 | 225 |
def profile_image_html_value(attribute, value): |
| 226 | 226 |
if value: |
| 227 |
fragment = u'<a href="%s"><img class="%s" src="%s"/></a>' % (value.url, attribute.name, value.url)
|
|
| 227 |
fragment = '<a href="%s"><img class="%s" src="%s"/></a>' % (value.url, attribute.name, value.url) |
|
| 228 | 228 |
return html.mark_safe(fragment) |
| 229 | 229 |
return '' |
| 230 | 230 | |
| ... | ... | |
| 349 | 349 | |
| 350 | 350 | |
| 351 | 351 |
def only_digits(value): |
| 352 |
return u''.join(x for x in value if x in string.digits)
|
|
| 352 |
return ''.join(x for x in value if x in string.digits) |
|
| 353 | 353 | |
| 354 | 354 | |
| 355 | 355 |
def validate_lun(value): |
| src/authentic2/attributes_ng/sources/django_user.py | ||
|---|---|---|
| 38 | 38 |
if field.name == 'ou': |
| 39 | 39 |
continue |
| 40 | 40 |
name = 'django_user_' + str(field.name) |
| 41 |
description = field.verbose_name + u' (%s)' % name
|
|
| 41 |
description = field.verbose_name + ' (%s)' % name |
|
| 42 | 42 |
yield name, description |
| 43 | 43 | |
| 44 |
yield 'django_user_ou_uuid', _('OU UUIDs') + u' (django_user_ou_uuid)'
|
|
| 45 |
yield 'django_user_ou_slug', _('OU slug') + u' (django_user_ou_slug)'
|
|
| 46 |
yield 'django_user_ou_name', _('OU name') + u' (django_user_ou_name)'
|
|
| 44 |
yield 'django_user_ou_uuid', _('OU UUIDs') + ' (django_user_ou_uuid)'
|
|
| 45 |
yield 'django_user_ou_slug', _('OU slug') + ' (django_user_ou_slug)'
|
|
| 46 |
yield 'django_user_ou_name', _('OU name') + ' (django_user_ou_name)'
|
|
| 47 | 47 | |
| 48 | 48 |
for attribute in Attribute.objects.all(): |
| 49 | 49 |
name = 'django_user_' + str(attribute.name) |
| 50 |
description = attribute.label + u' (%s)' % name
|
|
| 50 |
description = attribute.label + ' (%s)' % name |
|
| 51 | 51 |
yield name, description |
| 52 | 52 |
group_label = User._meta.get_field('groups').verbose_name
|
| 53 |
yield 'django_user_groups', group_label + u' (django_user_groups)'
|
|
| 54 |
yield 'django_user_group_names', group_label + u' (django_user_group_names)'
|
|
| 55 |
yield 'django_user_domain', _('User domain') + u' (django_user_domain)'
|
|
| 56 |
yield 'django_user_identifier', _('User identifier') + u' (django_user_identifier)'
|
|
| 57 |
yield 'django_user_full_name', _('Full name') + u' (django_user_full_name)'
|
|
| 53 |
yield 'django_user_groups', group_label + ' (django_user_groups)' |
|
| 54 |
yield 'django_user_group_names', group_label + ' (django_user_group_names)' |
|
| 55 |
yield 'django_user_domain', _('User domain') + ' (django_user_domain)'
|
|
| 56 |
yield 'django_user_identifier', _('User identifier') + ' (django_user_identifier)'
|
|
| 57 |
yield 'django_user_full_name', _('Full name') + ' (django_user_full_name)'
|
|
| 58 | 58 |
yield 'a2_role_slugs', _('Role slugs')
|
| 59 | 59 |
yield 'a2_role_names', _('Role names')
|
| 60 | 60 |
yield 'a2_role_uuids', _('Role UUIDs')
|
| src/authentic2/attributes_ng/sources/service_roles.py | ||
|---|---|---|
| 40 | 40 |
names.append(service_role_attribute.name) |
| 41 | 41 |
names.sort() |
| 42 | 42 |
for name in names: |
| 43 |
yield (name, u'%s (%s)' % (name, _('role attribute')))
|
|
| 43 |
yield (name, '%s (%s)' % (name, _('role attribute')))
|
|
| 44 | 44 | |
| 45 | 45 | |
| 46 | 46 |
def get_dependencies(instance, ctx): |
| src/authentic2/backends/ldap_backend.py | ||
|---|---|---|
| 886 | 886 |
if ldap_attribute in attributes: |
| 887 | 887 |
value = attributes[ldap_attribute][0] |
| 888 | 888 |
else: |
| 889 |
value = u''
|
|
| 889 |
value = '' |
|
| 890 | 890 |
if getattr(user, legacy_attribute) != value: |
| 891 | 891 |
setattr(user, legacy_attribute, value) |
| 892 | 892 |
user._changed = True |
| ... | ... | |
| 1175 | 1175 |
attribute_mappings = map_text(block['attribute_mappings']) |
| 1176 | 1176 |
mandatory_attributes_values = map_text(block['mandatory_attributes_values']) |
| 1177 | 1177 |
try: |
| 1178 |
results = conn.search_s(dn, ldap.SCOPE_BASE, u'(objectclass=*)', attributes)
|
|
| 1178 |
results = conn.search_s(dn, ldap.SCOPE_BASE, '(objectclass=*)', attributes) |
|
| 1179 | 1179 |
except ldap.LDAPError as e: |
| 1180 | 1180 |
log.error('unable to retrieve attributes of dn %r: %r', dn, e)
|
| 1181 | 1181 |
return None |
| ... | ... | |
| 1258 | 1258 |
item_value = {}
|
| 1259 | 1259 |
for dn, attrs in results: |
| 1260 | 1260 |
log.debug( |
| 1261 |
u'Object retrieved for extra attr %s with item %s : %s %s'
|
|
| 1261 |
'Object retrieved for extra attr %s with item %s : %s %s' |
|
| 1262 | 1262 |
% (extra_attribute_name, item, dn, attrs) |
| 1263 | 1263 |
) |
| 1264 | 1264 |
for key in ldap_attributes_mapping: |
| ... | ... | |
| 1306 | 1306 |
else: |
| 1307 | 1307 |
decoded.append((attribute, force_text(value))) |
| 1308 | 1308 |
filters = [filter_format(u'(%s=%s)', (a, b)) for a, b in decoded] |
| 1309 |
return u'(&{0})'.format(''.join(filters))
|
|
| 1309 |
return '(&{0})'.format(''.join(filters))
|
|
| 1310 | 1310 | |
| 1311 | 1311 |
def build_external_id(self, external_id_tuple, attributes): |
| 1312 | 1312 |
"""Build the exernal id for the user, use attribute that eventually |
| ... | ... | |
| 1525 | 1525 |
else: |
| 1526 | 1526 |
modlist = [] |
| 1527 | 1527 |
if block['active_directory']: |
| 1528 |
key = u'unicodePwd'
|
|
| 1528 |
key = 'unicodePwd' |
|
| 1529 | 1529 |
value = cls.ad_encoding(new_password) |
| 1530 | 1530 |
if old_password: |
| 1531 | 1531 |
modlist = [ |
| ... | ... | |
| 1535 | 1535 |
else: |
| 1536 | 1536 |
modlist = [(ldap.MOD_REPLACE, key, [value])] |
| 1537 | 1537 |
else: |
| 1538 |
key = u'userPassword'
|
|
| 1538 |
key = 'userPassword' |
|
| 1539 | 1539 |
modlist = [(ldap.MOD_REPLACE, key, [new_password])] |
| 1540 | 1540 |
conn.modify_s(dn, modlist) |
| 1541 | 1541 |
log.debug('modified password for dn %r', dn)
|
| ... | ... | |
| 1644 | 1644 |
conn.simple_bind_s() |
| 1645 | 1645 |
return True, None |
| 1646 | 1646 |
except ldap.INVALID_CREDENTIALS: |
| 1647 |
return False, u'invalid credentials'
|
|
| 1647 |
return False, 'invalid credentials' |
|
| 1648 | 1648 |
except ldap.INVALID_DN_SYNTAX: |
| 1649 |
return False, u'invalid dn syntax %s' % who
|
|
| 1649 |
return False, 'invalid dn syntax %s' % who |
|
| 1650 | 1650 |
except ldap.CONNECT_ERROR: |
| 1651 | 1651 |
return False, 'connection error' |
| 1652 | 1652 |
except ldap.TIMEOUT: |
| ... | ... | |
| 1781 | 1781 |
results = self.normalize_ldap_results(results) |
| 1782 | 1782 |
if not results: |
| 1783 | 1783 |
log.warning( |
| 1784 |
u'unable to find user %r based on external id %s', user, external_id
|
|
| 1784 |
'unable to find user %r based on external id %s', user, external_id |
|
| 1785 | 1785 |
) |
| 1786 | 1786 |
continue |
| 1787 | 1787 |
dn = results[0][0] |
| 1788 | 1788 |
except ldap.LDAPError as e: |
| 1789 | 1789 |
log.warning( |
| 1790 |
u'unable to find user %r based on external id %s: %r', user, external_id, e
|
|
| 1790 |
'unable to find user %r based on external id %s: %r', user, external_id, e |
|
| 1791 | 1791 |
) |
| 1792 | 1792 |
continue |
| 1793 | 1793 |
return self._return_user(dn, None, conn, block) |
| src/authentic2/backends/models_backend.py | ||
|---|---|---|
| 30 | 30 | |
| 31 | 31 |
def upn(username, realm): |
| 32 | 32 |
'''Build an UPN from a username and a realm''' |
| 33 |
return u'{0}@{1}'.format(username, realm)
|
|
| 33 |
return '{0}@{1}'.format(username, realm)
|
|
| 34 | 34 | |
| 35 | 35 | |
| 36 | 36 |
PROXY_USER_MODEL = None |
| src/authentic2/data_transfer.py | ||
|---|---|---|
| 61 | 61 |
for message in error_list(messages): |
| 62 | 62 |
errorlist.append( |
| 63 | 63 |
format_lazy( |
| 64 |
u'{}="{}": {}', obj.__class__._meta.get_field(key).verbose_name, value, message
|
|
| 64 |
'{}="{}": {}', obj.__class__._meta.get_field(key).verbose_name, value, message
|
|
| 65 | 65 |
) |
| 66 | 66 |
) |
| 67 | 67 |
raise ValidationError(errorlist) |
| src/authentic2/decorators.py | ||
|---|---|---|
| 200 | 200 |
if kw not in self.kwargs: |
| 201 | 201 |
continue |
| 202 | 202 |
parts.append(u'%s-%s' % (str(kw), str(arg))) |
| 203 |
return u'|'.join(parts)
|
|
| 203 |
return '|'.join(parts) |
|
| 204 | 204 | |
| 205 | 205 | |
| 206 | 206 |
class SimpleDictionnaryCacheMixin(object): |
| src/authentic2/disco_service/disco_responder.py | ||
|---|---|---|
| 41 | 41 | |
| 42 | 42 |
def error_page(request, message, logger): |
| 43 | 43 |
'''Customized disco service error page''' |
| 44 |
message = u'disco: ' + message
|
|
| 44 |
message = 'disco: ' + message |
|
| 45 | 45 |
return base_error_page(request, message, logger) |
| 46 | 46 | |
| 47 | 47 | |
| src/authentic2/exponential_retry_timeout.py | ||
|---|---|---|
| 44 | 44 |
self.key_prefix = key_prefix |
| 45 | 45 | |
| 46 | 46 |
def key(self, keys): |
| 47 |
key = u'-'.join(str(key) for key in keys)
|
|
| 47 |
key = '-'.join(str(key) for key in keys) |
|
| 48 | 48 |
key = key.encode('utf-8')
|
| 49 | 49 |
return '%s%s' % (self.key_prefix or self.KEY_PREFIX, hashlib.md5(key).hexdigest()) |
| 50 | 50 | |
| src/authentic2/forms/fields.py | ||
|---|---|---|
| 54 | 54 |
def __init__(self, *args, **kwargs): |
| 55 | 55 |
kwargs[ |
| 56 | 56 |
'help_text' |
| 57 |
] = u'''
|
|
| 57 |
] = ''' |
|
| 58 | 58 |
<span class="a2-password-check-equality-default">%(default)s</span> |
| 59 | 59 |
<span class="a2-password-check-equality-matched">%(match)s</span> |
| 60 | 60 |
<span class="a2-password-check-equality-unmatched">%(nomatch)s</span> |
| src/authentic2/forms/widgets.py | ||
|---|---|---|
| 165 | 165 | |
| 166 | 166 |
help_text = self.help_text |
| 167 | 167 |
if not help_text: |
| 168 |
help_text = u'%s %s' % (_('Format:'), self.options['format'])
|
|
| 168 |
help_text = '%s %s' % (_('Format:'), self.options['format'])
|
|
| 169 | 169 | |
| 170 | 170 |
return mark_safe( |
| 171 | 171 |
self.render_template |
| ... | ... | |
| 267 | 267 |
if attrs and app_settings.A2_PASSWORD_POLICY_SHOW_LAST_CHAR: |
| 268 | 268 |
_id = attrs.get('id')
|
| 269 | 269 |
if _id: |
| 270 |
output += u'''\n<script>a2_password_show_last_char(%s);</script>''' % json.dumps(_id)
|
|
| 270 |
output += '''\n<script>a2_password_show_last_char(%s);</script>''' % json.dumps(_id) |
|
| 271 | 271 |
return output |
| 272 | 272 | |
| 273 | 273 | |
| ... | ... | |
| 280 | 280 |
if attrs: |
| 281 | 281 |
_id = attrs.get('id')
|
| 282 | 282 |
if _id: |
| 283 |
output += u'''\n<script>a2_password_validate(%s);</script>''' % json.dumps(_id)
|
|
| 283 |
output += '''\n<script>a2_password_validate(%s);</script>''' % json.dumps(_id) |
|
| 284 | 284 |
return output |
| 285 | 285 | |
| 286 | 286 | |
| ... | ... | |
| 296 | 296 |
_id = attrs.get('id')
|
| 297 | 297 |
if _id and _id.endswith('2'):
|
| 298 | 298 |
other_id = _id[:-1] + '1' |
| 299 |
output += u'''\n<script>a2_password_check_equality(%s, %s)</script>''' % (
|
|
| 299 |
output += '''\n<script>a2_password_check_equality(%s, %s)</script>''' % ( |
|
| 300 | 300 |
json.dumps(other_id), |
| 301 | 301 |
json.dumps(_id), |
| 302 | 302 |
) |
| src/authentic2/idp/saml/saml2_endpoints.py | ||
|---|---|---|
| 486 | 486 |
kwargs['entity_id'] = login.remoteProviderId |
| 487 | 487 |
kwargs['user'] = request.user |
| 488 | 488 |
logger.debug( |
| 489 |
u'sending nameID %(name_id_format)r: %(name_id_content)r to '
|
|
| 490 |
u'%(entity_id)s for user %(user)s' % kwargs
|
|
| 489 |
'sending nameID %(name_id_format)r: %(name_id_content)r to ' |
|
| 490 |
'%(entity_id)s for user %(user)s' % kwargs |
|
| 491 | 491 |
) |
| 492 | 492 |
register_new_saml2_session(request, login) |
| 493 | 493 |
add_attributes(request, entity_id, assertion, provider, nid_format) |
| ... | ... | |
| 1231 | 1231 |
"""Build a session dump from a list of pairs |
| 1232 | 1232 |
(provider_id,assertion_content)""" |
| 1233 | 1233 |
session = [ |
| 1234 |
u'<Session xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"'
|
|
| 1235 |
u' xmlns="http://www.entrouvert.org/namespaces/lasso/0.0" Version="2">',
|
|
| 1234 |
'<Session xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"' |
|
| 1235 |
' xmlns="http://www.entrouvert.org/namespaces/lasso/0.0" Version="2">', |
|
| 1236 | 1236 |
] |
| 1237 | 1237 |
for liberty_session in liberty_sessions: |
| 1238 | 1238 |
session.append( |
| 1239 |
u'<NidAndSessionIndex ProviderID="{0.provider_id}" '
|
|
| 1240 |
u'AssertionID="xxx" '
|
|
| 1241 |
u'SessionIndex="{0.session_index}">'.format(liberty_session)
|
|
| 1239 |
'<NidAndSessionIndex ProviderID="{0.provider_id}" '
|
|
| 1240 |
'AssertionID="xxx" ' |
|
| 1241 |
'SessionIndex="{0.session_index}">'.format(liberty_session)
|
|
| 1242 | 1242 |
) |
| 1243 | 1243 |
session.append(u'<saml:NameID Format="{0.name_id_format}" '.format(liberty_session))
|
| 1244 | 1244 |
if liberty_session.name_id_qualifier: |
| src/authentic2/manager/forms.py | ||
|---|---|---|
| 347 | 347 |
) |
| 348 | 348 |
except smtplib.SMTPException as e: |
| 349 | 349 |
logger.error( |
| 350 |
u'registration mail could not be sent to user %s created through ' u'manager: %s', user, e
|
|
| 350 |
'registration mail could not be sent to user %s created through ' 'manager: %s', user, e
|
|
| 351 | 351 |
) |
| 352 | 352 |
return user |
| 353 | 353 | |
| src/authentic2/manager/resources.py | ||
|---|---|---|
| 29 | 29 |
raise NotImplementedError |
| 30 | 30 | |
| 31 | 31 |
def render(self, value, object): |
| 32 |
return u', '.join(str(v) for v in value.all())
|
|
| 32 |
return ', '.join(str(v) for v in value.all()) |
|
| 33 | 33 | |
| 34 | 34 | |
| 35 | 35 |
class UserResource(ModelResource): |
| src/authentic2/manager/user_views.py | ||
|---|---|---|
| 712 | 712 | |
| 713 | 713 |
def get_search_form_kwargs(self): |
| 714 | 714 |
kwargs = super(UserRolesView, self).get_search_form_kwargs() |
| 715 |
kwargs['all_ou_label'] = u''
|
|
| 715 |
kwargs['all_ou_label'] = '' |
|
| 716 | 716 |
kwargs['user'] = self.object |
| 717 | 717 |
kwargs['role_members_from_ou'] = app_settings.ROLE_MEMBERS_FROM_OU |
| 718 | 718 |
kwargs['show_all_ou'] = app_settings.SHOW_ALL_OU |
| ... | ... | |
| 818 | 818 |
) |
| 819 | 819 |
ctx['help_columns'] = help_columns |
| 820 | 820 |
example_data = ( |
| 821 |
u','.join(column['name'] + (' key' if column['key'] else '') for column in help_columns) + '\n'
|
|
| 821 |
','.join(column['name'] + (' key' if column['key'] else '') for column in help_columns) + '\n'
|
|
| 822 | 822 |
) |
| 823 | 823 |
example_url = 'data:text/csv;base64,%s' % base64.b64encode(example_data.encode('utf-8')).decode(
|
| 824 | 824 |
'ascii' |
| src/authentic2/manager/utils.py | ||
|---|---|---|
| 35 | 35 |
if labels: |
| 36 | 36 |
labels.append(u' - ') |
| 37 | 37 |
labels.append(user.username) |
| 38 |
return u''.join(labels)
|
|
| 38 |
return ''.join(labels) |
|
| 39 | 39 | |
| 40 | 40 | |
| 41 | 41 |
@GlobalCache(timeout=10) |
| src/authentic2/manager/views.py | ||
|---|---|---|
| 400 | 400 |
def get_instance_name(self): |
| 401 | 401 |
if hasattr(self, 'get_object'): |
| 402 | 402 |
return str(self.get_object()) |
| 403 |
return u''
|
|
| 403 |
return '' |
|
| 404 | 404 | |
| 405 | 405 |
def get_context_data(self, **kwargs): |
| 406 | 406 |
ctx = super(ModelNameMixin, self).get_context_data(**kwargs) |
| src/authentic2/manager/widgets.py | ||
|---|---|---|
| 103 | 103 |
def label_from_instance(self, obj): |
| 104 | 104 |
label = str(obj) |
| 105 | 105 |
if obj.ou and utils.get_ou_count() > 1: |
| 106 |
label = u'{ou} - {obj}'.format(ou=obj.ou, obj=obj)
|
|
| 106 |
label = '{ou} - {obj}'.format(ou=obj.ou, obj=obj)
|
|
| 107 | 107 |
return label |
| 108 | 108 | |
| 109 | 109 | |
| src/authentic2/models.py | ||
|---|---|---|
| 56 | 56 |
updated = models.DateTimeField(auto_now=True, verbose_name=_('last update date'))
|
| 57 | 57 | |
| 58 | 58 |
def __str__(self): |
| 59 |
return u'{0} is {1} on {2}'.format(self.user, self.external_id, self.source)
|
|
| 59 |
return '{0} is {1} on {2}'.format(self.user, self.external_id, self.source)
|
|
| 60 | 60 | |
| 61 | 61 |
def __repr__(self): |
| 62 | 62 |
return ( |
| src/authentic2/saml/admin.py | ||
|---|---|---|
| 102 | 102 |
try: |
| 103 | 103 |
provider.update_metadata() |
| 104 | 104 |
except ValidationError as e: |
| 105 |
params = {'name': provider, 'error_msg': u', '.join(e.messages)}
|
|
| 105 |
params = {'name': provider, 'error_msg': ', '.join(e.messages)}
|
|
| 106 | 106 |
messages.error(request, _('Updating SAML provider %(name)s failed: ' '%(error_msg)s') % params)
|
| 107 | 107 |
else: |
| 108 | 108 |
count += 1 |
| ... | ... | |
| 188 | 188 |
def format(self, obj): |
| 189 | 189 |
name_id_format = obj.name_id_format |
| 190 | 190 |
if name_id_format > 15: |
| 191 |
name_id_format = u'\u2026' + name_id_format[-12:]
|
|
| 191 |
name_id_format = '\u2026' + name_id_format[-12:] |
|
| 192 | 192 |
return name_id_format |
| 193 | 193 | |
| 194 | 194 | |
| src/authentic2/saml/models.py | ||
|---|---|---|
| 357 | 357 |
yield (name, name_format, friendly_name, value) |
| 358 | 358 | |
| 359 | 359 |
def __str__(self): |
| 360 |
return u'%s %s %s' % (self.name, self.name_format_uri(), self.attribute_name)
|
|
| 360 |
return '%s %s %s' % (self.name, self.name_format_uri(), self.attribute_name) |
|
| 361 | 361 | |
| 362 | 362 |
def natural_key(self): |
| 363 | 363 |
if not hasattr(self.provider, 'natural_key'): |
| src/authentic2/utils/__init__.py | ||
|---|---|---|
| 341 | 341 |
else: |
| 342 | 342 |
url_params.appendlist(key, value) |
| 343 | 343 |
if url_params: |
| 344 |
url += u'?%s' % url_params.urlencode(safe='/')
|
|
| 344 |
url += '?%s' % url_params.urlencode(safe='/') |
|
| 345 | 345 |
if fragment: |
| 346 |
url += u'#%s' % fragment
|
|
| 346 |
url += '#%s' % fragment |
|
| 347 | 347 |
if absolute: |
| 348 | 348 |
if request: |
| 349 | 349 |
url = request.build_absolute_uri(url) |
| ... | ... | |
| 946 | 946 |
**kwargs, |
| 947 | 947 |
) |
| 948 | 948 |
logger.info( |
| 949 |
u'password reset request for user %s, email sent to %s ' 'with token %s', user, user.email, token.uuid
|
|
| 949 |
'password reset request for user %s, email sent to %s ' 'with token %s', user, user.email, token.uuid |
|
| 950 | 950 |
) |
| 951 | 951 |
journal.record('user.password.reset.request', email=user.email, user=user)
|
| 952 | 952 | |
| src/authentic2/views.py | ||
|---|---|---|
| 626 | 626 |
if not self.check_referrer(): |
| 627 | 627 |
return HttpResponseForbidden() |
| 628 | 628 |
callback = request.GET.get('callback')
|
| 629 |
content = u'{0}({1})'.format(callback, int(request.user.is_authenticated))
|
|
| 629 |
content = '{0}({1})'.format(callback, int(request.user.is_authenticated))
|
|
| 630 | 630 |
return HttpResponse(content, content_type='application/json') |
| 631 | 631 | |
| 632 | 632 | |
| src/authentic2_idp_cas/models.py | ||
|---|---|---|
| 51 | 51 |
url_validator(url) |
| 52 | 52 |
except ValidationError: |
| 53 | 53 |
raise ValidationError(_('%s is an invalid URL') % url)
|
| 54 |
self.urls = u' '.join(urls)
|
|
| 54 |
self.urls = ' '.join(urls) |
|
| 55 | 55 | |
| 56 | 56 |
def match_service(self, service_url): |
| 57 | 57 |
'''Verify that this service match an URL''' |
| ... | ... | |
| 86 | 86 |
enabled = models.BooleanField(verbose_name=_('enabled'), default=True)
|
| 87 | 87 | |
| 88 | 88 |
def __str__(self): |
| 89 |
return u'%s <- %s' % (self.slug, self.attribute_name)
|
|
| 89 |
return '%s <- %s' % (self.slug, self.attribute_name) |
|
| 90 | 90 | |
| 91 | 91 |
class Meta: |
| 92 | 92 |
verbose_name = _('CAS attribute')
|
| src/authentic2_idp_oidc/utils.py | ||
|---|---|---|
| 102 | 102 | |
| 103 | 103 |
def clean_words(data): |
| 104 | 104 |
'''Clean and order a list of words''' |
| 105 |
return u' '.join(sorted(x.strip() for x in data.split()))
|
|
| 105 |
return ' '.join(sorted(x.strip() for x in data.split())) |
|
| 106 | 106 | |
| 107 | 107 | |
| 108 | 108 |
def url_domain(url): |
| src/django_rbac/models.py | ||
|---|---|---|
| 159 | 159 |
ct_ct = ContentType.objects.get_for_model(ContentType) |
| 160 | 160 |
if ct == ct_ct: |
| 161 | 161 |
target = ContentType.objects.get_for_id(self.target_id) |
| 162 |
s = u'{0} / {1}'.format(self.operation, target)
|
|
| 162 |
s = '{0} / {1}'.format(self.operation, target)
|
|
| 163 | 163 |
else: |
| 164 |
s = u'{0} / {1} / {2}'.format(self.operation, ct, self.target)
|
|
| 164 |
s = '{0} / {1} / {2}'.format(self.operation, ct, self.target)
|
|
| 165 | 165 |
if self.ou: |
| 166 | 166 |
s += _(u' (scope "{0}")').format(self.ou)
|
| 167 | 167 |
return s |
| tests/test_a2_rbac.py | ||
|---|---|---|
| 92 | 92 |
coin = Role.objects.create(name='Coin', slug='coin') |
| 93 | 93 |
coin.get_admin_role() |
| 94 | 94 |
for role in Role.objects.filter(admin_scope_ct__isnull=False): |
| 95 |
assert role.slug.startswith('_a2'), u'role %s slug must start with _a2: %s' % (role.name, role.slug)
|
|
| 95 |
assert role.slug.startswith('_a2'), 'role %s slug must start with _a2: %s' % (role.name, role.slug)
|
|
| 96 | 96 | |
| 97 | 97 | |
| 98 | 98 |
def test_admin_roles_update_slug(db): |
| ... | ... | |
| 262 | 262 |
assert permissions[0] == {
|
| 263 | 263 |
'operation': {'slug': 'add'},
|
| 264 | 264 |
'ou': {'uuid': ou.uuid, 'slug': ou.slug, 'name': ou.name},
|
| 265 |
'target_ct': {'app_label': u'contenttypes', 'model': u'contenttype'},
|
|
| 266 |
'target': {'model': u'libertyprovider', 'app_label': u'saml'},
|
|
| 265 |
'target_ct': {'app_label': 'contenttypes', 'model': 'contenttype'},
|
|
| 266 |
'target': {'model': 'libertyprovider', 'app_label': 'saml'},
|
|
| 267 | 267 |
} |
| 268 | 268 |
assert permissions[1] == {
|
| 269 | 269 |
'operation': {'slug': 'add'},
|
| 270 | 270 |
'ou': None, |
| 271 |
'target_ct': {'app_label': u'a2_rbac', 'model': u'role'},
|
|
| 271 |
'target_ct': {'app_label': 'a2_rbac', 'model': 'role'},
|
|
| 272 | 272 |
'target': {
|
| 273 |
'slug': u'other-role-slug',
|
|
| 273 |
'slug': 'other-role-slug', |
|
| 274 | 274 |
'service': None, |
| 275 | 275 |
'uuid': other_role.uuid, |
| 276 |
'ou': {'slug': u'some-ou', 'uuid': some_ou.uuid, 'name': u'some ou'},
|
|
| 277 |
'name': u'other role name',
|
|
| 276 |
'ou': {'slug': 'some-ou', 'uuid': some_ou.uuid, 'name': 'some ou'},
|
|
| 277 |
'name': 'other role name', |
|
| 278 | 278 |
}, |
| 279 | 279 |
} |
| 280 | 280 | |
| tests/test_attribute_kinds.py | ||
|---|---|---|
| 53 | 53 |
assert response.pyquery.find('.form-field-error #id_nom_de_naissance')
|
| 54 | 54 | |
| 55 | 55 |
form = response.form |
| 56 |
form.set('nom_de_naissance', u'Noël')
|
|
| 56 |
form.set('nom_de_naissance', 'Noël')
|
|
| 57 | 57 |
form.set('password1', '12345abcdA')
|
| 58 | 58 |
form.set('password2', '12345abcdA')
|
| 59 | 59 |
response = form.submit().follow() |
| 60 |
assert qs.get().attributes.nom_de_naissance == u'Noël'
|
|
| 60 |
assert qs.get().attributes.nom_de_naissance == 'Noël' |
|
| 61 | 61 |
qs.delete() |
| 62 | 62 | |
| 63 | 63 |
app.authorization = ('Basic', (admin.username, admin.username))
|
| ... | ... | |
| 71 | 71 |
payload = {
|
| 72 | 72 |
'first_name': 'John', |
| 73 | 73 |
'last_name': 'Doe', |
| 74 |
'nom_de_naissance': u'Noël',
|
|
| 74 |
'nom_de_naissance': 'Noël', |
|
| 75 | 75 |
} |
| 76 | 76 |
app.post_json('/api/users/', params=payload, status=201)
|
| 77 |
assert qs.get().attributes.nom_de_naissance == u'Noël'
|
|
| 77 |
assert qs.get().attributes.nom_de_naissance == 'Noël' |
|
| 78 | 78 |
qs.delete() |
| 79 | 79 | |
| 80 | 80 | |
| tests/test_auth_oidc.py | ||
|---|---|---|
| 616 | 616 |
user = User.objects.get() |
| 617 | 617 |
# verify user was not modified |
| 618 | 618 |
assert user.username == 'user' |
| 619 |
assert user.first_name == u'Jôhn'
|
|
| 620 |
assert user.last_name == u'Dôe'
|
|
| 619 |
assert user.first_name == 'Jôhn' |
|
| 620 |
assert user.last_name == 'Dôe' |
|
| 621 | 621 |
assert user.email == 'user@example.net' |
| 622 |
assert user.attributes.first_name == u'Jôhn'
|
|
| 623 |
assert user.attributes.last_name == u'Dôe'
|
|
| 622 |
assert user.attributes.first_name == 'Jôhn' |
|
| 623 |
assert user.attributes.last_name == 'Dôe' |
|
| 624 | 624 | |
| 625 | 625 |
response = app.get(reverse('account_management'))
|
| 626 | 626 |
with utils.check_log(caplog, 'revoked token from OIDC'): |
| tests/test_commands.py | ||
|---|---|---|
| 160 | 160 | |
| 161 | 161 | |
| 162 | 162 |
@pytest.mark.parametrize( |
| 163 |
"deletion_delay,formatted", [(730, u'2\xa0years'), (500, u'1\xa0year'), (65, u'2\xa0months')]
|
|
| 163 |
"deletion_delay,formatted", [(730, '2\xa0years'), (500, '1\xa0year'), (65, '2\xa0months')]
|
|
| 164 | 164 |
) |
| 165 | 165 |
def test_clean_unused_account_human_duration_format(simple_user, mailoutbox, deletion_delay, formatted): |
| 166 | 166 |
simple_user.ou.clean_unused_accounts_alert = deletion_delay - 1 |
| tests/test_crypto.py | ||
|---|---|---|
| 67 | 67 | |
| 68 | 68 | |
| 69 | 69 |
def test_hmac_url(): |
| 70 |
key = u'é'
|
|
| 70 |
key = 'é' |
|
| 71 | 71 |
url = 'https://example.invalid/' |
| 72 | 72 |
assert crypto.check_hmac_url(key, url, crypto.hmac_url(key, url)) |
| 73 |
key = u'é'
|
|
| 74 |
url = u'https://example.invalid/\u0000'
|
|
| 73 |
key = 'é' |
|
| 74 |
url = 'https://example.invalid/\u0000' |
|
| 75 | 75 |
assert crypto.check_hmac_url(key, url, crypto.hmac_url(key, url)) |
| tests/test_customfields.py | ||
|---|---|---|
| 28 | 28 |
@pytest.mark.parametrize( |
| 29 | 29 |
'value', |
| 30 | 30 |
[ |
| 31 |
u'\xe9',
|
|
| 31 |
'\xe9', |
|
| 32 | 32 |
b'\xc3\xa9', |
| 33 | 33 |
{1: 1, 2: 4, 3: 6, 4: 8, 5: 10},
|
| 34 | 34 |
'Hello World', |
| tests/test_data_transfer.py | ||
|---|---|---|
| 325 | 325 |
other_role_dict['permisison'] = {
|
| 326 | 326 |
"operation": {"slug": "admin"},
|
| 327 | 327 |
"ou": {"slug": "default", "name": "Collectivit\u00e9 par d\u00e9faut"},
|
| 328 |
'target_ct': {'app_label': u'a2_rbac', 'model': u'role'},
|
|
| 328 |
'target_ct': {'app_label': 'a2_rbac', 'model': 'role'},
|
|
| 329 | 329 |
"target": {
|
| 330 | 330 |
"slug": "role-deux", |
| 331 | 331 |
"ou": {"slug": "default", "name": "Collectivit\u00e9 par d\u00e9faut"},
|
| ... | ... | |
| 344 | 344 |
{
|
| 345 | 345 |
'operation': {'slug': 'add'},
|
| 346 | 346 |
'ou': None, |
| 347 |
'target_ct': {'app_label': u'a2_rbac', 'model': u'role'},
|
|
| 348 |
'target': {"slug": u'other-role-slug', 'ou': {'slug': 'some-ou'}, 'service': None},
|
|
| 347 |
'target_ct': {'app_label': 'a2_rbac', 'model': 'role'},
|
|
| 348 |
'target': {"slug": 'other-role-slug', 'ou': {'slug': 'some-ou'}, 'service': None},
|
|
| 349 | 349 |
} |
| 350 | 350 |
] |
| 351 | 351 | |
| ... | ... | |
| 382 | 382 |
{
|
| 383 | 383 |
"operation": {"slug": "admin"},
|
| 384 | 384 |
"ou": {"slug": "perm-ou", "name": "perm-ou"},
|
| 385 |
'target_ct': {'app_label': u'a2_rbac', 'model': u'role'},
|
|
| 385 |
'target_ct': {'app_label': 'a2_rbac', 'model': 'role'},
|
|
| 386 | 386 |
"target": {
|
| 387 | 387 |
"slug": "perm-role", |
| 388 | 388 |
"ou": {"slug": "perm-ou", "name": "perm ou"},
|
| tests/test_ldap.py | ||
|---|---|---|
| 45 | 45 | |
| 46 | 46 |
pytestmark = pytest.mark.skipif(not has_slapd(), reason='slapd is not installed') |
| 47 | 47 | |
| 48 |
USERNAME = u'etienne.michu'
|
|
| 48 |
USERNAME = 'etienne.michu' |
|
| 49 | 49 |
UID = 'etienne.michu' |
| 50 | 50 |
CN = 'Étienne Michu' |
| 51 | 51 |
DN = 'cn=%s,o=ôrga' % escape_dn_chars(CN) |
| 52 | 52 |
PASS = 'passé' |
| 53 |
UPASS = u'passé'
|
|
| 53 |
UPASS = 'passé' |
|
| 54 | 54 |
EMAIL = 'etienne.michu@example.net' |
| 55 | 55 |
CARLICENSE = '123445ABC' |
| 56 | 56 | |
| ... | ... | |
| 209 | 209 |
settings.LDAP_AUTH_SETTINGS = [ |
| 210 | 210 |
{
|
| 211 | 211 |
'url': [slapd.ldap_url], |
| 212 |
'basedn': u'o=ôrga',
|
|
| 212 |
'basedn': 'o=ôrga', |
|
| 213 | 213 |
'use_tls': False, |
| 214 | 214 |
'attributes': ['jpegPhoto'], |
| 215 | 215 |
} |
| ... | ... | |
| 221 | 221 |
assert force_bytes('Étienne Michu') in result.content
|
| 222 | 222 |
assert User.objects.count() == 1 |
| 223 | 223 |
user = User.objects.get() |
| 224 |
assert user.username == u'%s@ldap' % USERNAME
|
|
| 225 |
assert user.first_name == u'Étienne'
|
|
| 224 |
assert user.username == '%s@ldap' % USERNAME |
|
| 225 |
assert user.first_name == 'Étienne' |
|
| 226 | 226 |
assert user.last_name == 'Michu' |
| 227 | 227 |
assert user.is_active is True |
| 228 | 228 |
assert user.is_superuser is False |
| ... | ... | |
| 237 | 237 |
settings.LDAP_AUTH_SETTINGS = [ |
| 238 | 238 |
{
|
| 239 | 239 |
'url': [slapd.ldap_url], |
| 240 |
'basedn': u'o=ôrga',
|
|
| 240 |
'basedn': 'o=ôrga', |
|
| 241 | 241 |
'use_tls': False, |
| 242 | 242 |
} |
| 243 | 243 |
] |
| ... | ... | |
| 266 | 266 |
'url': [slapd.ldap_url], |
| 267 | 267 |
'binddn': force_text(DN), |
| 268 | 268 |
'bindpw': PASS, |
| 269 |
'basedn': u'o=ôrga',
|
|
| 269 |
'basedn': 'o=ôrga', |
|
| 270 | 270 |
'use_tls': False, |
| 271 | 271 |
} |
| 272 | 272 |
] |
| ... | ... | |
| 277 | 277 |
assert force_bytes('Étienne Michu') in result.content
|
| 278 | 278 |
assert User.objects.count() == 1 |
| 279 | 279 |
user = User.objects.get() |
| 280 |
assert user.username == u'%s@ldap' % USERNAME
|
|
| 281 |
assert user.first_name == u'Étienne'
|
|
| 280 |
assert user.username == '%s@ldap' % USERNAME |
|
| 281 |
assert user.first_name == 'Étienne' |
|
| 282 | 282 |
assert user.last_name == 'Michu' |
| 283 | 283 |
assert user.is_active is True |
| 284 | 284 |
assert user.is_superuser is False |
| ... | ... | |
| 293 | 293 |
settings.LDAP_AUTH_SETTINGS = [ |
| 294 | 294 |
{
|
| 295 | 295 |
'url': [slapd.ldap_url], |
| 296 |
'basedn': u'o=ôrga',
|
|
| 296 |
'basedn': 'o=ôrga', |
|
| 297 | 297 |
'use_tls': False, |
| 298 | 298 |
'is_superuser': True, |
| 299 | 299 |
'is_staff': True, |
| ... | ... | |
| 307 | 307 |
settings.LDAP_AUTH_SETTINGS = [ |
| 308 | 308 |
{
|
| 309 | 309 |
'url': [slapd.ldap_url], |
| 310 |
'basedn': u'o=ôrga',
|
|
| 310 |
'basedn': 'o=ôrga', |
|
| 311 | 311 |
'use_tls': False, |
| 312 | 312 |
'is_superuser': True, |
| 313 | 313 |
'is_staff': True, |
| ... | ... | |
| 329 | 329 |
settings.LDAP_AUTH_SETTINGS = [ |
| 330 | 330 |
{
|
| 331 | 331 |
'url': [slapd.ldap_url], |
| 332 |
'basedn': u'o=ôrga',
|
|
| 332 |
'basedn': 'o=ôrga', |
|
| 333 | 333 |
'use_tls': False, |
| 334 | 334 |
'keep_password_in_session': True, |
| 335 | 335 |
} |
| ... | ... | |
| 341 | 341 |
assert force_bytes('Étienne Michu') in result.content
|
| 342 | 342 |
assert User.objects.count() == 1 |
| 343 | 343 |
user = User.objects.get() |
| 344 |
assert user.username == u'%s@ldap' % USERNAME
|
|
| 345 |
assert user.first_name == u'Étienne'
|
|
| 344 |
assert user.username == '%s@ldap' % USERNAME |
|
| 345 |
assert user.first_name == 'Étienne' |
|
| 346 | 346 |
assert user.last_name == 'Michu' |
| 347 | 347 |
assert user.ou == get_default_ou() |
| 348 | 348 |
assert not user.check_password(PASS) |
| ... | ... | |
| 357 | 357 |
settings.LDAP_AUTH_SETTINGS = [ |
| 358 | 358 |
{
|
| 359 | 359 |
'url': [slapd.ldap_url], |
| 360 |
'basedn': u'o=ôrga',
|
|
| 360 |
'basedn': 'o=ôrga', |
|
| 361 | 361 |
'use_tls': False, |
| 362 | 362 |
'keep_password': True, |
| 363 | 363 |
} |
| ... | ... | |
| 381 | 381 |
settings.LDAP_AUTH_SETTINGS = [ |
| 382 | 382 |
{
|
| 383 | 383 |
'url': [slapd.ldap_url], |
| 384 |
'basedn': u'o=ôrga',
|
|
| 384 |
'basedn': 'o=ôrga', |
|
| 385 | 385 |
'use_tls': False, |
| 386 | 386 |
'ou_slug': 'test', |
| 387 | 387 |
} |
| ... | ... | |
| 393 | 393 |
assert force_bytes('Étienne Michu') in result.content
|
| 394 | 394 |
assert User.objects.count() == 1 |
| 395 | 395 |
user = User.objects.get() |
| 396 |
assert user.username == u'%s@ldap' % USERNAME
|
|
| 397 |
assert user.first_name == u'Étienne'
|
|
| 398 |
assert user.last_name == u'Michu'
|
|
| 396 |
assert user.username == '%s@ldap' % USERNAME |
|
| 397 |
assert user.first_name == 'Étienne' |
|
| 398 |
assert user.last_name == 'Michu' |
|
| 399 | 399 |
assert user.ou == ou |
| 400 | 400 |
assert not user.check_password(PASS) |
| 401 | 401 | |
| ... | ... | |
| 404 | 404 |
settings.LDAP_AUTH_SETTINGS = [ |
| 405 | 405 |
{
|
| 406 | 406 |
'url': [slapd.ldap_url], |
| 407 |
'basedn': u'o=ôrga',
|
|
| 407 |
'basedn': 'o=ôrga', |
|
| 408 | 408 |
'use_tls': False, |
| 409 | 409 |
'ou_slug': 'test', |
| 410 | 410 |
} |
| ... | ... | |
| 437 | 437 |
settings.LDAP_AUTH_SETTINGS = [ |
| 438 | 438 |
{
|
| 439 | 439 |
'url': [slapd.ldap_url], |
| 440 |
'basedn': u'o=ôrga',
|
|
| 440 |
'basedn': 'o=ôrga', |
|
| 441 | 441 |
'use_tls': False, |
| 442 | 442 |
'create_group': True, |
| 443 | 443 |
'group_mapping': [ |
| ... | ... | |
| 450 | 450 |
'/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True
|
| 451 | 451 |
) |
| 452 | 452 |
assert Group.objects.filter(name='Group1').count() == 1 |
| 453 |
assert response.context['user'].username == u'%s@ldap' % USERNAME
|
|
| 453 |
assert response.context['user'].username == '%s@ldap' % USERNAME |
|
| 454 | 454 |
assert response.context['user'].groups.count() == 1 |
| 455 | 455 | |
| 456 | 456 | |
| ... | ... | |
| 460 | 460 |
settings.LDAP_AUTH_SETTINGS = [ |
| 461 | 461 |
{
|
| 462 | 462 |
'url': [slapd.ldap_url], |
| 463 |
'basedn': u'o=ôrga',
|
|
| 463 |
'basedn': 'o=ôrga', |
|
| 464 | 464 |
'use_tls': False, |
| 465 | 465 |
'create_group': True, |
| 466 | 466 |
'group_mapping': [ |
| ... | ... | |
| 474 | 474 |
'/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True
|
| 475 | 475 |
) |
| 476 | 476 |
assert Group.objects.filter(name='Group2').count() == 1 |
| 477 |
assert response.context['user'].username == u'%s@ldap' % USERNAME
|
|
| 477 |
assert response.context['user'].username == '%s@ldap' % USERNAME |
|
| 478 | 478 |
assert response.context['user'].groups.count() == 1 |
| 479 | 479 | |
| 480 | 480 | |
| ... | ... | |
| 485 | 485 |
settings.LDAP_AUTH_SETTINGS = [ |
| 486 | 486 |
{
|
| 487 | 487 |
'url': [slapd.ldap_url], |
| 488 |
'basedn': u'o=ôrga',
|
|
| 488 |
'basedn': 'o=ôrga', |
|
| 489 | 489 |
'use_tls': False, |
| 490 | 490 |
# memberOf is not defined on OpenLDAP so we use street for storing DN like |
| 491 | 491 |
# memberOf values |
| ... | ... | |
| 499 | 499 |
response = client.post( |
| 500 | 500 |
'/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True
|
| 501 | 501 |
) |
| 502 |
assert response.context['user'].username == u'%s@ldap' % USERNAME
|
|
| 502 |
assert response.context['user'].username == '%s@ldap' % USERNAME |
|
| 503 | 503 |
assert set(response.context['user'].roles.values_list('name', flat=True)) == set(['Role1', 'Role2'])
|
| 504 | 504 | |
| 505 | 505 | |
| ... | ... | |
| 508 | 508 |
settings.LDAP_AUTH_SETTINGS = [ |
| 509 | 509 |
{
|
| 510 | 510 |
'url': [slapd.ldap_url], |
| 511 |
'basedn': u'o=ôrga',
|
|
| 511 |
'basedn': 'o=ôrga', |
|
| 512 | 512 |
'use_tls': False, |
| 513 | 513 |
'group_to_role_mapping': [ |
| 514 | 514 |
['cn=group2,o=ôrga', ['Role2']], |
| ... | ... | |
| 519 | 519 |
response = client.post( |
| 520 | 520 |
'/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True
|
| 521 | 521 |
) |
| 522 |
assert response.context['user'].username == u'%s@ldap' % USERNAME
|
|
| 522 |
assert response.context['user'].username == '%s@ldap' % USERNAME |
|
| 523 | 523 |
assert response.context['user'].roles.count() == 1 |
| 524 | 524 | |
| 525 | 525 | |
| ... | ... | |
| 528 | 528 |
settings.LDAP_AUTH_SETTINGS = [ |
| 529 | 529 |
{
|
| 530 | 530 |
'url': [slapd.ldap_url], |
| 531 |
'basedn': u'o=ôrga',
|
|
| 531 |
'basedn': 'o=ôrga', |
|
| 532 | 532 |
'use_tls': False, |
| 533 | 533 |
'group_to_role_mapping': [ |
| 534 | 534 |
['cn=group1,o=ôrga', ['Role3']], |
| ... | ... | |
| 580 | 580 |
'/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True
|
| 581 | 581 |
) |
| 582 | 582 |
assert Group.objects.count() == 0 |
| 583 |
assert response.context['user'].username == u'%s@ldap' % USERNAME
|
|
| 583 |
assert response.context['user'].username == '%s@ldap' % USERNAME |
|
| 584 | 584 |
assert response.context['user'].is_superuser |
| 585 | 585 |
assert not response.context['user'].is_staff |
| 586 | 586 | |
| ... | ... | |
| 591 | 591 |
settings.LDAP_AUTH_SETTINGS = [ |
| 592 | 592 |
{
|
| 593 | 593 |
'url': [slapd.ldap_url], |
| 594 |
'basedn': u'o=ôrga',
|
|
| 594 |
'basedn': 'o=ôrga', |
|
| 595 | 595 |
'use_tls': False, |
| 596 | 596 |
'groupstaff': [u'cn=group1,o=ôrga'], |
| 597 | 597 |
} |
| ... | ... | |
| 600 | 600 |
'/login/', {'login-password-submit': '1', 'username': 'etienne.michu', 'password': PASS}, follow=True
|
| 601 | 601 |
) |
| 602 | 602 |
assert Group.objects.count() == 0 |
| 603 |
assert response.context['user'].username == u'%s@ldap' % USERNAME
|
|
| 603 |
assert response.context['user'].username == '%s@ldap' % USERNAME |
|
| 604 | 604 |
assert response.context['user'].is_staff |
| 605 | 605 |
assert not response.context['user'].is_superuser |
| 606 | 606 | |
| ... | ... | |
| 614 | 614 |
settings.LDAP_AUTH_SETTINGS = [ |
| 615 | 615 |
{
|
| 616 | 616 |
'url': [slapd.ldap_url], |
| 617 |
'basedn': u'o=ôrga',
|
|
| 617 |
'basedn': 'o=ôrga', |
|
| 618 | 618 |
'use_tls': False, |
| 619 | 619 |
'create_group': True, |
| 620 | 620 |
'group_mapping': [ |
| ... | ... | |
| 699 | 699 |
settings.LDAP_AUTH_SETTINGS = [ |
| 700 | 700 |
{
|
| 701 | 701 |
'url': [slapd.ldap_url], |
| 702 |
'basedn': u'o=ôrga',
|
|
| 702 |
'basedn': 'o=ôrga', |
|
| 703 | 703 |
'use_tls': False, |
| 704 | 704 |
'create_group': True, |
| 705 | 705 |
'group_mapping': [ |
| ... | ... | |
| 718 | 718 |
settings.LDAP_AUTH_SETTINGS = [ |
| 719 | 719 |
{
|
| 720 | 720 |
'url': [slapd.ldap_url], |
| 721 |
'basedn': u'o=ôrga',
|
|
| 721 |
'basedn': 'o=ôrga', |
|
| 722 | 722 |
'use_tls': False, |
| 723 | 723 |
'create_group': True, |
| 724 | 724 |
'group_mapping': [ |
| ... | ... | |
| 741 | 741 |
settings.LDAP_AUTH_SETTINGS = [ |
| 742 | 742 |
{
|
| 743 | 743 |
'url': [slapd.ldap_url], |
| 744 |
'basedn': u'o=ôrga',
|
|
| 744 |
'basedn': 'o=ôrga', |
|
| 745 | 745 |
'use_tls': False, |
| 746 | 746 |
'create_group': True, |
| 747 | 747 |
'group_mapping': [ |
| ... | ... | |
| 766 | 766 |
settings.LDAP_AUTH_SETTINGS = [ |
| 767 | 767 |
{
|
| 768 | 768 |
'url': [slapd.ldap_url], |
| 769 |
'basedn': u'o=ôrga',
|
|
| 769 |
'basedn': 'o=ôrga', |
|
| 770 | 770 |
'use_tls': False, |
| 771 | 771 |
'create_group': True, |
| 772 | 772 |
'group_mapping': [ |
| ... | ... | |
| 792 | 792 |
settings.LDAP_AUTH_SETTINGS = [ |
| 793 | 793 |
{
|
| 794 | 794 |
'url': [slapd.ldap_url], |
| 795 |
'basedn': u'o=ôrga',
|
|
| 795 |
'basedn': 'o=ôrga', |
|
| 796 | 796 |
'use_tls': False, |
| 797 | 797 |
'create_group': True, |
| 798 | 798 |
'group_mapping': [ |
| ... | ... | |
| 825 | 825 |
settings.LDAP_AUTH_SETTINGS = [ |
| 826 | 826 |
{
|
| 827 | 827 |
'url': [slapd.ldap_url], |
| 828 |
'basedn': u'o=ôrga',
|
|
| 828 |
'basedn': 'o=ôrga', |
|
| 829 | 829 |
'use_tls': False, |
| 830 | 830 |
'create_group': True, |
| 831 | 831 |
'group_mapping': [ |
| ... | ... | |
| 892 | 892 |
'url': [slapd.ldap_url], |
| 893 | 893 |
'binddn': force_text(slapd.root_bind_dn), |
| 894 | 894 |
'bindpw': force_text(slapd.root_bind_password), |
| 895 |
'basedn': u'o=ôrga',
|
|
| 895 |
'basedn': 'o=ôrga', |
|
| 896 | 896 |
'use_tls': False, |
| 897 | 897 |
'attributes': ['uid', 'carLicense'], |
| 898 | 898 |
} |
| ... | ... | |
| 911 | 911 |
'url': [slapd.ldap_url], |
| 912 | 912 |
'binddn': force_text(slapd.root_bind_dn), |
| 913 | 913 |
'bindpw': force_text(slapd.root_bind_password), |
| 914 |
'basedn': u'o=ôrga',
|
|
| 914 |
'basedn': 'o=ôrga', |
|
| 915 | 915 |
'use_tls': False, |
| 916 | 916 |
'user_can_change_password': False, |
| 917 | 917 |
} |
| ... | ... | |
| 942 | 942 |
settings.LDAP_AUTH_SETTINGS = [ |
| 943 | 943 |
{
|
| 944 | 944 |
'url': [tls_slapd.ldap_url], |
| 945 |
'basedn': u'o=ôrga',
|
|
| 945 |
'basedn': 'o=ôrga', |
|
| 946 | 946 |
'use_tls': False, |
| 947 | 947 |
} |
| 948 | 948 |
] |
| ... | ... | |
| 957 | 957 |
settings.LDAP_AUTH_SETTINGS = [ |
| 958 | 958 |
{
|
| 959 | 959 |
'url': [tls_slapd.ldap_url], |
| 960 |
'basedn': u'o=ôrga',
|
|
| 960 |
'basedn': 'o=ôrga', |
|
| 961 | 961 |
'use_tls': True, |
| 962 | 962 |
'cacertfile': cert_file, |
| 963 | 963 |
} |
| ... | ... | |
| 973 | 973 |
settings.LDAP_AUTH_SETTINGS = [ |
| 974 | 974 |
{
|
| 975 | 975 |
'url': [tls_slapd.ldap_url], |
| 976 |
'basedn': u'o=ôrga',
|
|
| 976 |
'basedn': 'o=ôrga', |
|
| 977 | 977 |
'use_tls': True, |
| 978 | 978 |
'cacertfile': cert_file, |
| 979 | 979 |
'certfile': cert_file, |
| ... | ... | |
| 992 | 992 |
settings.LDAP_AUTH_SETTINGS = [ |
| 993 | 993 |
{
|
| 994 | 994 |
'url': [slapd.ldap_url], |
| 995 |
'basedn': u'o=ôrga',
|
|
| 995 |
'basedn': 'o=ôrga', |
|
| 996 | 996 |
'use_tls': False, |
| 997 | 997 |
'user_attributes': [ |
| 998 | 998 |
{
|
| ... | ... | |
| 1018 | 1018 |
client.post( |
| 1019 | 1019 |
'/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True
|
| 1020 | 1020 |
) |
| 1021 |
username = u'%s@ldap' % USERNAME
|
|
| 1021 |
username = '%s@ldap' % USERNAME |
|
| 1022 | 1022 |
user = User.objects.get(username=username) |
| 1023 |
assert user.attributes.locality == u'Paris'
|
|
| 1023 |
assert user.attributes.locality == 'Paris' |
|
| 1024 | 1024 |
client.session.flush() |
| 1025 | 1025 |
for i in range(5): |
| 1026 | 1026 |
client.post( |
| 1027 | 1027 |
'/login/', |
| 1028 | 1028 |
{
|
| 1029 | 1029 |
'login-password-submit': '1', |
| 1030 |
'username': u'mïchu%s' % i,
|
|
| 1030 |
'username': 'mïchu%s' % i, |
|
| 1031 | 1031 |
'password': PASS, |
| 1032 | 1032 |
}, |
| 1033 | 1033 |
follow=True, |
| 1034 | 1034 |
) |
| 1035 |
username = u'mïchu%s@ldap' % i
|
|
| 1035 |
username = 'mïchu%s@ldap' % i |
|
| 1036 | 1036 |
user = User.objects.get(username=username) |
| 1037 |
assert user.attributes.locality == u'locality%s' % i
|
|
| 1037 |
assert user.attributes.locality == 'locality%s' % i |
|
| 1038 | 1038 |
client.session.flush() |
| 1039 | 1039 | |
| 1040 | 1040 | |
| ... | ... | |
| 1042 | 1042 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1043 | 1043 |
{
|
| 1044 | 1044 |
'url': [slapd.ldap_url], |
| 1045 |
'basedn': u'o=ôrga',
|
|
| 1045 |
'basedn': 'o=ôrga', |
|
| 1046 | 1046 |
'use_tls': False, |
| 1047 | 1047 |
} |
| 1048 | 1048 |
] |
| ... | ... | |
| 1059 | 1059 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1060 | 1060 |
{
|
| 1061 | 1061 |
'url': [slapd_ppolicy.ldap_url], |
| 1062 |
'basedn': u'o=ôrga',
|
|
| 1062 |
'basedn': 'o=ôrga', |
|
| 1063 | 1063 |
'use_tls': False, |
| 1064 | 1064 |
} |
| 1065 | 1065 |
] |
| ... | ... | |
| 1148 | 1148 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1149 | 1149 |
{
|
| 1150 | 1150 |
'url': [slapd_ppolicy.ldap_url], |
| 1151 |
'basedn': u'o=ôrga',
|
|
| 1151 |
'basedn': 'o=ôrga', |
|
| 1152 | 1152 |
'use_tls': False, |
| 1153 | 1153 |
} |
| 1154 | 1154 |
] |
| ... | ... | |
| 1167 | 1167 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1168 | 1168 |
{
|
| 1169 | 1169 |
'url': [slapd_ppolicy.ldap_url], |
| 1170 |
'basedn': u'o=ôrga',
|
|
| 1170 |
'basedn': 'o=ôrga', |
|
| 1171 | 1171 |
'use_tls': False, |
| 1172 | 1172 |
'use_controls': False, |
| 1173 | 1173 |
} |
| ... | ... | |
| 1184 | 1184 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1185 | 1185 |
{
|
| 1186 | 1186 |
'url': [slapd_ppolicy.ldap_url], |
| 1187 |
'basedn': u'o=ôrga',
|
|
| 1187 |
'basedn': 'o=ôrga', |
|
| 1188 | 1188 |
'use_tls': False, |
| 1189 | 1189 |
} |
| 1190 | 1190 |
] |
| ... | ... | |
| 1222 | 1222 | |
| 1223 | 1223 |
user = authenticate(username=USERNAME, password=UPASS) |
| 1224 | 1224 |
assert user.check_password(UPASS) |
| 1225 |
password = u'ogutOmyetew4'
|
|
| 1225 |
password = 'ogutOmyetew4' |
|
| 1226 | 1226 |
user.set_password(password) |
| 1227 | 1227 | |
| 1228 | 1228 |
time.sleep(pwdMaxAge * 3) |
| ... | ... | |
| 1240 | 1240 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1241 | 1241 |
{
|
| 1242 | 1242 |
'url': [slapd_ppolicy.ldap_url], |
| 1243 |
'basedn': u'o=ôrga',
|
|
| 1243 |
'basedn': 'o=ôrga', |
|
| 1244 | 1244 |
'use_tls': False, |
| 1245 | 1245 |
} |
| 1246 | 1246 |
] |
| ... | ... | |
| 1277 | 1277 | |
| 1278 | 1278 |
user = authenticate(username=USERNAME, password=UPASS) |
| 1279 | 1279 |
assert user.check_password(UPASS) |
| 1280 |
password = u'ogutOmyetew4'
|
|
| 1280 |
password = 'ogutOmyetew4' |
|
| 1281 | 1281 |
user.set_password(password) |
| 1282 | 1282 | |
| 1283 | 1283 |
time.sleep(2) |
| ... | ... | |
| 1293 | 1293 |
'url': [slapd_ppolicy.ldap_url], |
| 1294 | 1294 |
'binddn': force_text(slapd_ppolicy.root_bind_dn), |
| 1295 | 1295 |
'bindpw': force_text(slapd_ppolicy.root_bind_password), |
| 1296 |
'basedn': u'o=ôrga',
|
|
| 1296 |
'basedn': 'o=ôrga', |
|
| 1297 | 1297 |
'use_tls': False, |
| 1298 | 1298 |
'attributes': ['carLicense'], |
| 1299 | 1299 |
} |
| ... | ... | |
| 1344 | 1344 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1345 | 1345 |
{
|
| 1346 | 1346 |
'url': [slapd_ppolicy.ldap_url], |
| 1347 |
'basedn': u'o=ôrga',
|
|
| 1347 |
'basedn': 'o=ôrga', |
|
| 1348 | 1348 |
'use_tls': False, |
| 1349 | 1349 |
} |
| 1350 | 1350 |
] |
| ... | ... | |
| 1386 | 1386 |
'url': [slapd.ldap_url], |
| 1387 | 1387 |
'binddn': force_text(DN), |
| 1388 | 1388 |
'bindpw': PASS, |
| 1389 |
'basedn': u'o=ôrga',
|
|
| 1389 |
'basedn': 'o=ôrga', |
|
| 1390 | 1390 |
'ou_slug': ou1.slug, |
| 1391 | 1391 |
'use_tls': False, |
| 1392 | 1392 |
} |
| ... | ... | |
| 1417 | 1417 |
'url': [slapd.ldap_url], |
| 1418 | 1418 |
'binddn': force_text(DN), |
| 1419 | 1419 |
'bindpw': PASS, |
| 1420 |
'basedn': u'o=ôrga',
|
|
| 1420 |
'basedn': 'o=ôrga', |
|
| 1421 | 1421 |
'use_tls': False, |
| 1422 | 1422 |
} |
| 1423 | 1423 |
] |
| ... | ... | |
| 1445 | 1445 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1446 | 1446 |
{
|
| 1447 | 1447 |
'url': [slapd.ldap_url], |
| 1448 |
'basedn': u'o=ôrga',
|
|
| 1448 |
'basedn': 'o=ôrga', |
|
| 1449 | 1449 |
'use_tls': False, |
| 1450 | 1450 |
'user_attributes': [ |
| 1451 | 1451 |
{
|
| ... | ... | |
| 1473 | 1473 |
management.call_command('sync-ldap-users', verbosity=2)
|
| 1474 | 1474 |
assert len(capsys.readouterr().out.splitlines()) == 7 |
| 1475 | 1475 |
assert User.objects.count() == 6 |
| 1476 |
assert all(user.first_name == u'Étienne' for user in User.objects.all())
|
|
| 1477 |
assert all(user.attributes.first_name == u'Étienne' for user in User.objects.all())
|
|
| 1478 |
assert all(user.last_name == u'Michu' for user in User.objects.all())
|
|
| 1479 |
assert all(user.attributes.last_name == u'Michu' for user in User.objects.all())
|
|
| 1476 |
assert all(user.first_name == 'Étienne' for user in User.objects.all()) |
|
| 1477 |
assert all(user.attributes.first_name == 'Étienne' for user in User.objects.all()) |
|
| 1478 |
assert all(user.last_name == 'Michu' for user in User.objects.all()) |
|
| 1479 |
assert all(user.attributes.last_name == 'Michu' for user in User.objects.all()) |
|
| 1480 | 1480 |
assert all( |
| 1481 |
user.attributes.locality == u'Paris' or user.attributes.locality.startswith('locality')
|
|
| 1481 |
user.attributes.locality == 'Paris' or user.attributes.locality.startswith('locality')
|
|
| 1482 | 1482 |
for user in User.objects.all() |
| 1483 | 1483 |
) |
| 1484 | 1484 |
assert all( |
| ... | ... | |
| 1497 | 1497 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1498 | 1498 |
{
|
| 1499 | 1499 |
'url': [slapd.ldap_url], |
| 1500 |
'basedn': u'o=ôrga',
|
|
| 1500 |
'basedn': 'o=ôrga', |
|
| 1501 | 1501 |
'use_tls': False, |
| 1502 | 1502 |
'user_filter': '(&(objectClass=user)(sAMAccountName=*)', # wrong |
| 1503 | 1503 |
} |
| ... | ... | |
| 1512 | 1512 |
settings.LDAP_AUTH_SETTINGS = [ |
| 1513 | 1513 |
{
|
| 1514 | 1514 |
'url': [slapd.ldap_url], |
| 1515 |
'basedn': u'o=ôrga',
|
|
| 1515 |
'basedn': 'o=ôrga', |
|
| 1516 | 1516 |
'use_tls': False, |
| 1517 | 1517 |
'attributes': ['uid', 'carLicense'], |
| 1518 | 1518 |
} |
| ... | ... | |
| 1530 | 1530 |
# simulate LDAP down |
| 1531 | 1531 |
slapd.stop() |
| 1532 | 1532 |
assert user.get_attributes(object(), {}) == {
|
| 1533 |
'dn': u'cn=étienne michu,o=\xf4rga',
|
|
| 1533 |
'dn': 'cn=étienne michu,o=\xf4rga', |
|
| 1534 | 1534 |
'givenname': [u'\xc9tienne'], |
| 1535 | 1535 |
'mail': [u'etienne.michu@example.net'], |
| 1536 | 1536 |
'sn': [u'Michu'], |
| ... | ... | |
| 1546 | 1546 |
ldif = [(ldap.MOD_REPLACE, 'sn', [b'Micho'])] |
| 1547 | 1547 |
conn.modify_s(DN, ldif) |
| 1548 | 1548 |
assert user.get_attributes(object(), {}) == {
|
| 1549 |
'dn': u'cn=étienne michu,o=\xf4rga',
|
|
| 1549 |
'dn': 'cn=étienne michu,o=\xf4rga', |
|
| 1550 | 1550 |
'givenname': [u'\xc9tienne'], |
| 1551 | 1551 |
'mail': [u'etienne.michu@example.net'], |
| 1552 | 1552 |
'sn': [u'Micho'], |
| ... | ... | |
| 1661 | 1661 |
'url': [slapd.ldap_url], |
| 1662 | 1662 |
'binddn': force_text(slapd.root_bind_dn), |
| 1663 | 1663 |
'bindpw': force_text(slapd.root_bind_password), |
| 1664 |
'basedn': u'o=ôrga',
|
|
| 1664 |
'basedn': 'o=ôrga', |
|
| 1665 | 1665 |
'use_tls': False, |
| 1666 | 1666 |
'attributes': ['carLicense'], |
| 1667 | 1667 |
} |
| tests/test_login.py | ||
|---|---|---|
| 199 | 199 |
assert response.pyquery.find('select#id_ou')
|
| 200 | 200 |
assert len(response.pyquery.find('select#id_ou optgroup')) == 0
|
| 201 | 201 |
assert set([elt.text for elt in response.pyquery.find('select#id_ou option')]) == set(
|
| 202 |
[u'Default organizational unit', u'OU1', u'OU2', u'---------']
|
|
| 202 |
[u'Default organizational unit', 'OU1', 'OU2', '---------']
|
|
| 203 | 203 |
) |
| 204 | 204 |
# Check selector is required |
| 205 | 205 |
response.form.set('username', simple_user.username)
|
| ... | ... | |
| 226 | 226 |
assert response.pyquery.find('select#id_ou')
|
| 227 | 227 |
assert len(response.pyquery.find('select#id_ou optgroup')) == 2
|
| 228 | 228 |
assert set([elt.text for elt in response.pyquery.find('select#id_ou option')]) == set(
|
| 229 |
[u'Default organizational unit', u'OU1', u'OU2', u'---------']
|
|
| 229 |
[u'Default organizational unit', 'OU1', 'OU2', '---------']
|
|
| 230 | 230 |
) |
| 231 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == u'Default organizational unit'
|
|
| 231 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == 'Default organizational unit'
|
|
| 232 | 232 | |
| 233 | 233 |
# Create a service |
| 234 | 234 |
service = models.Service.objects.create(name='Service', slug='service', ou=ou1) |
| 235 | 235 |
response = app.get('/login/')
|
| 236 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == u'Default organizational unit'
|
|
| 236 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == 'Default organizational unit'
|
|
| 237 | 237 | |
| 238 | 238 |
# service is specified but not access-control is defined, default for user is selected |
| 239 | 239 |
response = app.get('/login/?service=service')
|
| 240 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == u'Default organizational unit'
|
|
| 240 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == 'Default organizational unit'
|
|
| 241 | 241 | |
| 242 | 242 |
# service is specified, access control is defined but role is empty, default for user is selected |
| 243 | 243 |
service.authorized_roles.through.objects.create(service=service, role=role_ou1) |
| 244 | 244 |
response = app.get('/login/?service=service')
|
| 245 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == u'Default organizational unit'
|
|
| 245 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == 'Default organizational unit'
|
|
| 246 | 246 | |
| 247 | 247 |
# user is added to role_ou1, default for user is still selected |
| 248 | 248 |
user_ou1.roles.add(role_ou1) |
| 249 | 249 |
response = app.get('/login/?service=service')
|
| 250 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == u'Default organizational unit'
|
|
| 250 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == 'Default organizational unit'
|
|
| 251 | 251 | |
| 252 | 252 |
# Clear cookies, OU1 is selected |
| 253 | 253 |
app.cookiejar.clear() |
| 254 | 254 |
response = app.get('/login/?service=service')
|
| 255 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == u'OU1'
|
|
| 255 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == 'OU1'
|
|
| 256 | 256 | |
| 257 | 257 |
# if we change the user's ou, then default selected OU changes |
| 258 | 258 |
user_ou1.ou = ou2 |
| 259 | 259 |
user_ou1.save() |
| 260 | 260 |
response = app.get('/login/?service=service')
|
| 261 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == u'OU2'
|
|
| 261 |
assert response.pyquery.find('select#id_ou option[selected]')[0].text == 'OU2'
|
|
| 262 | 262 | |
| 263 | 263 | |
| 264 | 264 |
def test_login_test_cookie(app, simple_user): |
| tests/test_manager.py | ||
|---|---|---|
| 373 | 373 |
assert 'search-ou' not in form.fields |
| 374 | 374 |
q = response.pyquery.remove_namespaces() |
| 375 | 375 |
assert len(q('table tbody tr')) == 1
|
| 376 |
assert q('table tbody tr').text() == u'simple role'
|
|
| 376 |
assert q('table tbody tr').text() == 'simple role'
|
|
| 377 | 377 |
assert q('table tbody tr').attr('data-url') == '/manage/roles/%s/' % simple_role.pk
|
| 378 | 378 | |
| 379 | 379 |
form.set('search-internals', True)
|
| ... | ... | |
| 392 | 392 |
assert 'search-ou' not in response.form.fields |
| 393 | 393 |
q = response.pyquery.remove_namespaces() |
| 394 | 394 |
assert len(q('table tbody tr')) == 1
|
| 395 |
assert q('table tbody td.name').text() == u'simple role'
|
|
| 395 |
assert q('table tbody td.name').text() == 'simple role'
|
|
| 396 | 396 | |
| 397 | 397 |
response.form.set('search-internals', True)
|
| 398 | 398 |
response = response.form.submit() |
| 399 | 399 |
q = response.pyquery.remove_namespaces() |
| 400 | 400 |
assert len(q('table tbody tr')) == 6
|
| 401 | 401 |
for elt in q('table tbody td.name a'):
|
| 402 |
assert 'Manager' in elt.text or elt.text == u'simple role'
|
|
| 402 |
assert 'Manager' in elt.text or elt.text == 'simple role' |
|
| 403 | 403 | |
| 404 | 404 |
test_user_listing(admin) |
| 405 | 405 |
app.session.flush() |
| ... | ... | |
| 436 | 436 |
assert not checked or key == str(get_default_ou().pk) |
| 437 | 437 |
q = response.pyquery.remove_namespaces() |
| 438 | 438 |
assert len(q('table tbody tr')) == 1
|
| 439 |
assert q('table tbody tr').text() == u'simple role'
|
|
| 439 |
assert q('table tbody tr').text() == 'simple role'
|
|
| 440 | 440 | |
| 441 | 441 |
response.form.set('search-ou', 'all')
|
| 442 | 442 |
response = response.form.submit() |
| ... | ... | |
| 478 | 478 |
q = response.pyquery.remove_namespaces() |
| 479 | 479 |
assert len(q('table tbody tr')) == 2
|
| 480 | 480 |
names = [elt.text for elt in q('table tbody td.name a')]
|
| 481 |
assert set(names) == {u'simple role', u'role_ou1'}
|
|
| 481 |
assert set(names) == {u'simple role', 'role_ou1'}
|
|
| 482 | 482 | |
| 483 | 483 |
response.form.set('search-ou', 'all')
|
| 484 | 484 |
response.form.set('search-internals', True)
|
| ... | ... | |
| 490 | 490 |
'OU1' in elt.text |
| 491 | 491 |
or 'Default' in elt.text |
| 492 | 492 |
or 'Manager' in elt.text |
| 493 |
or elt.text == u'simple role'
|
|
| 494 |
or elt.text == u'role_ou1'
|
|
| 493 |
or elt.text == 'simple role' |
|
| 494 |
or elt.text == 'role_ou1' |
|
| 495 | 495 |
) |
| 496 | 496 | |
| 497 | 497 |
response.form.set('search-ou', 'none')
|
| ... | ... | |
| 854 | 854 |
assert len(response.json['results']) == 3 |
| 855 | 855 |
response = app.get(url, params={'field_id': field_id, 'term': 'Admin cass'})
|
| 856 | 856 |
assert len(response.json['results']) == 1 |
| 857 |
assert response.json['results'][0]['text'] == u'Cassis - Administrateur'
|
|
| 857 |
assert response.json['results'][0]['text'] == 'Cassis - Administrateur' |
|
| 858 | 858 |
response = app.get(url, params={'field_id': field_id, 'term': force_str('Admin édou')})
|
| 859 | 859 |
assert len(response.json['results']) == 1 |
| 860 |
assert response.json['results'][0]['text'] == u'La Bédoule - Administrateur'
|
|
| 860 |
assert response.json['results'][0]['text'] == 'La Bédoule - Administrateur' |
|
| 861 | 861 | |
| 862 | 862 | |
| 863 | 863 |
def test_roles_for_change_widget(admin, app, db): |
| tests/test_registration.py | ||
|---|---|---|
| 366 | 366 | |
| 367 | 367 |
response = app.get(reverse('account_management'))
|
| 368 | 368 | |
| 369 |
assert u'Nom' in response.text
|
|
| 370 |
assert u'Prénom' not in response.text
|
|
| 369 |
assert 'Nom' in response.text |
|
| 370 |
assert 'Prénom' not in response.text |
|
| 371 | 371 | |
| 372 | 372 |
response = app.get(reverse('profile_edit'))
|
| 373 | 373 |
assert 'profession' in response.form.fields |
| ... | ... | |
| 382 | 382 | |
| 383 | 383 |
response = response.follow() |
| 384 | 384 | |
| 385 |
assert u'Nom' in response.text
|
|
| 386 |
assert u'Doe' in response.text
|
|
| 387 |
assert u'Profession' not in response.text
|
|
| 388 |
assert u'pompier' not in response.text
|
|
| 389 |
assert u'Prénom' not in response.text
|
|
| 390 |
assert u'John' not in response.text
|
|
| 385 |
assert 'Nom' in response.text |
|
| 386 |
assert 'Doe' in response.text |
|
| 387 |
assert 'Profession' not in response.text |
|
| 388 |
assert 'pompier' not in response.text |
|
| 389 |
assert 'Prénom' not in response.text |
|
| 390 |
assert 'John' not in response.text |
|
| 391 | 391 | |
| 392 | 392 | |
| 393 | 393 |
def test_registration_email_blacklist(app, settings, db): |
| ... | ... | |
| 414 | 414 |
response = app.post(reverse('registration_register'), params={'email': 'fred@0d..be'}, status=200)
|
| 415 | 415 |
assert 'Enter a valid email address.' in response.context['form'].errors['email'] |
| 416 | 416 | |
| 417 |
response = app.post(reverse('registration_register'), params={'email': u'ééééé'}, status=200)
|
|
| 417 |
response = app.post(reverse('registration_register'), params={'email': 'ééééé'}, status=200)
|
|
| 418 | 418 |
assert 'Enter a valid email address.' in response.context['form'].errors['email'] |
| 419 | 419 | |
| 420 |
response = app.post(reverse('registration_register'), params={'email': u''}, status=200)
|
|
| 420 |
response = app.post(reverse('registration_register'), params={'email': ''}, status=200)
|
|
| 421 | 421 |
assert 'This field is required.' in response.context['form'].errors['email'] |
| 422 | 422 | |
| 423 | 423 | |
| tests/test_user_manager.py | ||
|---|---|---|
| 744 | 744 |
def test_manager_create_user_next(superuser_or_admin, app, ou1): |
| 745 | 745 |
login(app, superuser_or_admin, '/manage/') |
| 746 | 746 | |
| 747 |
next_url = u'/example.nowhere.null/'
|
|
| 748 |
url = u'/manage/users/%s/add/?next=%s' % (ou1.pk, next_url)
|
|
| 747 |
next_url = '/example.nowhere.null/' |
|
| 748 |
url = '/manage/users/%s/add/?next=%s' % (ou1.pk, next_url) |
|
| 749 | 749 |
response = app.get(url) |
| 750 | 750 | |
| 751 | 751 |
# cancel is not handled through form submission, it's a link |
| ... | ... | |
| 753 | 753 |
assert response.pyquery.remove_namespaces()('a.cancel').attr('href') == '../..'
|
| 754 | 754 |
assert response.pyquery.remove_namespaces()('input[name="next"]').attr('value') == next_url
|
| 755 | 755 | |
| 756 |
next_url = u'/example.nowhere.null/$UUID/'
|
|
| 757 |
cancel_url = u'/example.nowhere.cancel/'
|
|
| 758 |
url = u'/manage/users/%s/add/?next=%s&cancel=%s' % (ou1.pk, next_url, cancel_url)
|
|
| 756 |
next_url = '/example.nowhere.null/$UUID/' |
|
| 757 |
cancel_url = '/example.nowhere.cancel/' |
|
| 758 |
url = '/manage/users/%s/add/?next=%s&cancel=%s' % (ou1.pk, next_url, cancel_url) |
|
| 759 | 759 |
response = app.get(url) |
| 760 | 760 | |
| 761 | 761 |
assert response.pyquery.remove_namespaces()('a.cancel').attr('href') == cancel_url
|
| ... | ... | |
| 809 | 809 | |
| 810 | 810 | |
| 811 | 811 |
def test_manager_create_user_next_form_error(superuser_or_admin, app, ou1): |
| 812 |
next_url = u'/example.nowhere.null/'
|
|
| 813 |
url = u'/manage/users/%s/add/?next=%s' % (ou1.pk, next_url)
|
|
| 812 |
next_url = '/example.nowhere.null/' |
|
| 813 |
url = '/manage/users/%s/add/?next=%s' % (ou1.pk, next_url) |
|
| 814 | 814 |
login(app, superuser_or_admin, '/manage/') |
| 815 | 815 |
response = app.get(url) |
| 816 | 816 |
form = response.form |
| ... | ... | |
| 822 | 822 | |
| 823 | 823 | |
| 824 | 824 |
def test_manager_add_user_querystring(superuser_or_admin, app, ou1): |
| 825 |
querystring = u'stay_here=true'
|
|
| 826 |
url = u'/manage/users/add/?%s' % querystring
|
|
| 825 |
querystring = 'stay_here=true' |
|
| 826 |
url = '/manage/users/add/?%s' % querystring |
|
| 827 | 827 |
login(app, superuser_or_admin, '/manage/') |
| 828 | 828 |
response = app.get(url) |
| 829 | 829 | |
| ... | ... | |
| 831 | 831 | |
| 832 | 832 | |
| 833 | 833 |
def test_manager_edit_user_next(app, simple_user, superuser_or_admin): |
| 834 |
next_url = u'/example.nowhere.null/'
|
|
| 835 |
url = u'/manage/users/%s/edit/?next=%s' % (simple_user.pk, next_url)
|
|
| 834 |
next_url = '/example.nowhere.null/' |
|
| 835 |
url = '/manage/users/%s/edit/?next=%s' % (simple_user.pk, next_url) |
|
| 836 | 836 |
login(app, superuser_or_admin, '/manage/') |
| 837 | 837 |
response = app.get(url) |
| 838 | 838 | |
| ... | ... | |
| 845 | 845 | |
| 846 | 846 | |
| 847 | 847 |
def test_manager_edit_user_next_form_error(superuser_or_admin, app, ou1, simple_user): |
| 848 |
next_url = u'/example.nowhere.null/'
|
|
| 849 |
url = u'/manage/users/%s/edit/?next=%s' % (simple_user.pk, next_url)
|
|
| 848 |
next_url = '/example.nowhere.null/' |
|
| 849 |
url = '/manage/users/%s/edit/?next=%s' % (simple_user.pk, next_url) |
|
| 850 | 850 |
login(app, superuser_or_admin, '/manage/') |
| 851 | 851 |
response = app.get(url) |
| 852 | 852 |
form = response.form |
| ... | ... | |
| 873 | 873 |
some_ou = OU.objects.create(name=u'Some Ou', show_username=False) |
| 874 | 874 | |
| 875 | 875 |
login(app, admin, '/manage/') |
| 876 |
url = u'/manage/users/%s/add/' % some_ou.pk
|
|
| 876 |
url = '/manage/users/%s/add/' % some_ou.pk |
|
| 877 | 877 |
response = app.get(url) |
| 878 | 878 |
q = response.pyquery.remove_namespaces() |
| 879 | 879 |
assert len(q('p[id="id_username_p"]')) == 0
|
| ... | ... | |
| 893 | 893 |
simple_user.email_verified = True |
| 894 | 894 |
simple_user.save() |
| 895 | 895 | |
| 896 |
url = u'/manage/users/%s/edit/' % simple_user.pk
|
|
| 896 |
url = '/manage/users/%s/edit/' % simple_user.pk |
|
| 897 | 897 |
login(app, superuser_or_admin, '/manage/') |
| 898 | 898 | |
| 899 | 899 |
user = User.objects.get(id=simple_user.id) |
| ... | ... | |
| 909 | 909 | |
| 910 | 910 | |
| 911 | 911 |
def test_manager_edit_user_address_autocomplete(app, simple_user, superuser_or_admin): |
| 912 |
url = u'/manage/users/%s/edit/' % simple_user.pk
|
|
| 912 |
url = '/manage/users/%s/edit/' % simple_user.pk |
|
| 913 | 913 |
login(app, superuser_or_admin, '/manage/') |
| 914 | 914 | |
| 915 | 915 |
Attribute.objects.create( |
| tests/utils.py | ||
|---|---|---|
| 261 | 261 |
def text_content(node): |
| 262 | 262 |
"""Extract text content from node and all its children. Equivalent to |
| 263 | 263 |
xmlNodeGetContent from libxml.""" |
| 264 |
return u''.join(node.itertext()) if node is not None else ''
|
|
| 264 |
return ''.join(node.itertext()) if node is not None else '' |
|
| 265 | 265 | |
| 266 | 266 | |
| 267 | 267 |
def assert_event(event_type_name, user=None, session=None, service=None, **data): |
| 268 |
- |
|