49 |
49 |
pytestmark = pytest.mark.skipif(not has_slapd(), reason='slapd is not installed')
|
50 |
50 |
|
51 |
51 |
USERNAME = 'etienne.michu'
|
52 |
|
UID = 'etienne.michu'
|
|
52 |
UID = USERNAME
|
53 |
53 |
CN = 'Étienne Michu'
|
54 |
54 |
DN = 'cn=%s,o=ôrga' % escape_dn_chars(CN)
|
55 |
|
PASS = 'passé'
|
56 |
|
UPASS = 'passé'
|
|
55 |
PASS = 'Passé1234'
|
|
56 |
UPASS = 'Passé1234'
|
57 |
57 |
EMAIL = 'etienne.michu@example.net'
|
58 |
58 |
CARLICENSE = '123445ABC'
|
59 |
59 |
UUID = '8ff2f34a-4a36-103c-8d0a-e3a0333484d3'
|
... | ... | |
755 |
755 |
}
|
756 |
756 |
]
|
757 |
757 |
response = client.post(
|
758 |
|
'/login/', {'login-password-submit': '1', 'username': 'etienne.michu', 'password': PASS}, follow=True
|
|
758 |
'/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True
|
759 |
759 |
)
|
760 |
760 |
assert Group.objects.count() == 0
|
761 |
761 |
assert response.context['user'].username == '%s@ldap' % USERNAME
|
... | ... | |
1351 |
1351 |
'use_tls': False,
|
1352 |
1352 |
}
|
1353 |
1353 |
]
|
1354 |
|
user = authenticate(username='etienne.michu', password='passé')
|
|
1354 |
user = authenticate(username=USERNAME, password=PASS)
|
1355 |
1355 |
assert user
|
1356 |
|
assert user.check_password('passé')
|
|
1356 |
assert user.check_password(PASS)
|
1357 |
1357 |
user.set_password('àbon')
|
1358 |
1358 |
assert user.check_password('àbon')
|
1359 |
|
user2 = authenticate(username='etienne.michu', password='àbon')
|
|
1359 |
user2 = authenticate(username=USERNAME, password='àbon')
|
1360 |
1360 |
assert user.pk == user2.pk
|
1361 |
1361 |
|
1362 |
1362 |
with mock.patch(
|
1363 |
1363 |
'authentic2.backends.ldap_backend.LDAPBackend.modify_password', side_effect=ldap.UNWILLING_TO_PERFORM
|
1364 |
1364 |
):
|
1365 |
1365 |
with pytest.raises(PasswordChangeError):
|
1366 |
|
user.set_password('passé')
|
|
1366 |
user.set_password(PASS)
|
1367 |
1367 |
assert 'set_password failed (UNWILLING_TO_PERFORM)' in caplog.text
|
1368 |
1368 |
|
1369 |
1369 |
|
... | ... | |
1890 |
1890 |
assert caplog.records[1].message == 'Binding to server %s (anonymously)' % slapd.ldap_url
|
1891 |
1891 |
assert caplog.records[2].message == (
|
1892 |
1892 |
(
|
1893 |
|
"Created user etienne.michu@ldap (uuid %s) from dn=cn=Étienne Michu,o=ôrga, uid=['etienne.michu'], "
|
|
1893 |
"Created user etienne.michu@ldap (uuid %s) from dn=cn=Étienne Michu,o=ôrga, uid=['%s'], "
|
1894 |
1894 |
"sn=['Michu'], givenname=['Étienne'], l=['Paris'], mail=['etienne.michu@example.net'], entryuuid=['%s']"
|
1895 |
1895 |
)
|
1896 |
|
% (User.objects.first().uuid, entryuuid)
|
|
1896 |
% (User.objects.first().uuid, USERNAME, entryuuid)
|
1897 |
1897 |
)
|
1898 |
1898 |
assert caplog.records[-1].message == 'Search for (|(mail=*)(uid=*)) returned 6 users.'
|
1899 |
1899 |
|
... | ... | |
1918 |
1918 |
User.objects.update(first_name='John')
|
1919 |
1919 |
management.call_command('sync-ldap-users', verbosity=3)
|
1920 |
1920 |
assert caplog.records[2].message == (
|
1921 |
|
"Updated user etienne.michu@ldap (uuid %s) from dn=cn=Étienne Michu,o=ôrga, uid=['etienne.michu'], "
|
|
1921 |
"Updated user etienne.michu@ldap (uuid %s) from dn=cn=Étienne Michu,o=ôrga, uid=['%s'], "
|
1922 |
1922 |
"sn=['Michu'], givenname=['Étienne'], l=['Paris'], mail=['etienne.michu@example.net'], entryuuid=['%s']"
|
1923 |
|
) % (User.objects.first().uuid, entryuuid)
|
|
1923 |
) % (User.objects.first().uuid, USERNAME, entryuuid)
|
1924 |
1924 |
|
1925 |
1925 |
|
1926 |
1926 |
def test_get_users_select_realm(slapd, settings, db, caplog):
|
... | ... | |
1979 |
1979 |
'givenname': ['Étienne'],
|
1980 |
1980 |
'mail': ['etienne.michu@example.net'],
|
1981 |
1981 |
'sn': ['Michu'],
|
1982 |
|
'uid': ['etienne.michu'],
|
|
1982 |
'uid': [USERNAME],
|
1983 |
1983 |
'carlicense': ['123445ABC'],
|
1984 |
1984 |
'entryuuid': None,
|
1985 |
1985 |
}
|
... | ... | |
1990 |
1990 |
'givenname': ['\xc9tienne'],
|
1991 |
1991 |
'mail': ['etienne.michu@example.net'],
|
1992 |
1992 |
'sn': ['Michu'],
|
1993 |
|
'uid': ['etienne.michu'],
|
|
1993 |
'uid': [USERNAME],
|
1994 |
1994 |
'carlicense': ['123445ABC'],
|
1995 |
1995 |
'entryuuid': None,
|
1996 |
1996 |
}
|
... | ... | |
2007 |
2007 |
'givenname': ['\xc9tienne'],
|
2008 |
2008 |
'mail': ['etienne.michu@example.net'],
|
2009 |
2009 |
'sn': ['Micho'],
|
2010 |
|
'uid': ['etienne.michu'],
|
|
2010 |
'uid': [USERNAME],
|
2011 |
2011 |
'carlicense': ['123445ABC'],
|
2012 |
2012 |
'entryuuid': None,
|
2013 |
2013 |
}
|
... | ... | |
2040 |
2040 |
}
|
2041 |
2041 |
]
|
2042 |
2042 |
response = client.post(
|
2043 |
|
'/login/', {'login-password-submit': '1', 'username': 'etienne.michu', 'password': PASS}, follow=True
|
|
2043 |
'/login/', {'login-password-submit': '1', 'username': USERNAME, 'password': PASS}, follow=True
|
2044 |
2044 |
)
|
2045 |
2045 |
user = response.context['user']
|
2046 |
2046 |
fetched_attrs = user.get_attributes(object(), {})
|
... | ... | |
2211 |
2211 |
{
|
2212 |
2212 |
'url': [slapd.ldap_url],
|
2213 |
2213 |
'binddn': force_str('cn=%s,o=ôrga' % escape_dn_chars('Étienne Michu')),
|
2214 |
|
'bindpw': 'passé',
|
|
2214 |
'bindpw': PASS,
|
2215 |
2215 |
'basedn': 'o=ôrga',
|
2216 |
2216 |
'use_tls': False,
|
2217 |
2217 |
}
|
... | ... | |
2227 |
2227 |
assert 'Base ldapsearch command' in ldap_config_text
|
2228 |
2228 |
assert 'ldapsearch -v -H ldapi://' in ldap_config_text
|
2229 |
2229 |
assert '-D "cn=Étienne Michu,o=ôrga"' in ldap_config_text
|
2230 |
|
assert '-w "passé"' in ldap_config_text
|
|
2230 |
assert f'-w "{PASS}"' in ldap_config_text
|
2231 |
2231 |
assert '-b "o=ôrga"' in ldap_config_text
|
2232 |
2232 |
assert '"(|(mail=*)(uid=*))"' in ldap_config_text
|
2233 |
2233 |
|
2234 |
|
-
|