From be43214c6083bba21ac0d5f0b39f34132fa0d356 Mon Sep 17 00:00:00 2001
From: Josue Kouka <jkouka@entrouvert.com>
Date: Mon, 11 Jan 2016 18:47:48 +0100
Subject: [PATCH] fix crypted password importion (#9588)

---
 .../management/commands/migrate-ldap-users.py      |  8 +++-
 tests/ldap_users.txt                               | 56 ++++++++++++++++++++++
 tests/tests.py                                     | 21 +++++++-
 3 files changed, 83 insertions(+), 2 deletions(-)
 create mode 100644 tests/ldap_users.txt

diff --git a/mandayejs/mandaye/management/commands/migrate-ldap-users.py b/mandayejs/mandaye/management/commands/migrate-ldap-users.py
index ea9f4e8..afbd057 100644
--- a/mandayejs/mandaye/management/commands/migrate-ldap-users.py
+++ b/mandayejs/mandaye/management/commands/migrate-ldap-users.py
@@ -2,6 +2,7 @@ from __future__ import absolute_import
 
 import json
 import ldif
+import logging
 
 from django.core.management.base import BaseCommand, CommandError
 from django.db import IntegrityError
@@ -9,6 +10,7 @@ from django.contrib.auth import get_user_model
 
 from mandayejs.mandaye.models import UserCredentials  
 
+logger = logging.getLogger(__name__)
 
 class Command(BaseCommand):
     args = '<ldif_file>'
@@ -33,11 +35,15 @@ class Command(BaseCommand):
         for data in parsed_data:
             data = { k : ''.join(v) for k,v in data.items()}
             try:
-                user = User(username=data.get('idpUniqueID'), last_name=data.get('spLogin'))
+                user, created = User.objects.get_or_create(username=data.get('idpUniqueID'), 
+                        last_name=data.get('spLogin'))
                 user.save()
                 uc = UserCredentials(user=user, locators=json.loads(data.get('spPostValues')))
+                uc.decrypt()
                 uc.save()
                 self.stdout.write('{idpUniqueID} imported'.format(**data))
+                logger.debug('{idpUniqueID} imported'.format(**data))
             except (IntegrityError,) as e:
+                logger.debug(e)
                 continue
 
diff --git a/tests/ldap_users.txt b/tests/ldap_users.txt
new file mode 100644
index 0000000..d47f678
--- /dev/null
+++ b/tests/ldap_users.txt
@@ -0,0 +1,56 @@
+dn: uniqueID=928438,ou=mandaye,dc=entrouvert,dc=org
+objectClass: MandayeUser
+creationDate: 20140716164715Z
+lastConnectionDate: 20111021105200Z
+spName: duonet
+idpUniqueID: 10cdd3ab97600be4abe9764c4a52a7f794f79f7b94b80dcb8ab3973e24c8a6e7
+idpName: default
+spLogin: ldap_user1
+structuralObjectClass: MandayeUser
+uniqueID: 928438
+entryUUID: 061ece3e-f3ac-1033-91e7-8926ba287cf0
+creatorsName: cn=admin,dc=entrouvert,dc=org
+createTimestamp: 20141029113944Z
+spPostValues: {"txtCode": "Y4HL6cbGxRsoHQU97VzXgkqEdA==", "txtNomFoyer": "ldap_user1", "t
+ xtDateNaissance": "23/04/1991"}
+entryCSN: 20141029133206.125440Z#000000#001#000000
+modifiersName: cn=admin,dc=entrouvert,dc=org
+modifyTimestamp: 20141029133206Z
+
+dn: uniqueID=434365,ou=mandaye,dc=entrouvert,dc=org
+objectClass: MandayeUser
+creationDate: 20140716164715Z
+lastConnectionDate: 20111017155607Z
+spName: duonet
+idpUniqueID: b5833764a198882b90f28593432992f4030c4d9672e2d98ee6f2ffdea9f9e8d8
+idpName: default
+spLogin: ldap_user2
+structuralObjectClass: MandayeUser
+uniqueID: 434365
+entryUUID: 061fe3c8-f3ac-1033-91ea-8926ba287cf0
+creatorsName: cn=admin,dc=entrouvert,dc=org
+createTimestamp: 20141029113944Z
+spPostValues: {"txtCode": "Y4HL6cbGxRsoHQU97VzXgkqEdw==", "txtNomFoyer": "ldap_user2", "t
+ xtDateNaissance": "23/04/1991"}
+entryCSN: 20141029133206.144171Z#000000#001#000000
+modifiersName: cn=admin,dc=entrouvert,dc=org
+modifyTimestamp: 20141029133206Z
+
+dn: uniqueID=1179584,ou=mandaye,dc=entrouvert,dc=org
+objectClass: MandayeUser
+creationDate: 20140716164715Z
+lastConnectionDate: 20111028184745Z
+spName: duonet
+idpUniqueID: 0bb5457e510533c50429163843bc6f57c3582f7dea8661afab834377ac8dfa64
+idpName: default
+spLogin: ldap_user3
+structuralObjectClass: MandayeUser
+uniqueID: 1179584
+entryUUID: 0620818e-f3ac-1033-91ec-8926ba287cf0
+creatorsName: cn=admin,dc=entrouvert,dc=org
+createTimestamp: 20141029113944Z
+spPostValues: {"txtCode": "Y4HL6cbGxRsoHQU97VzXgkqEdg==", "txtNomFoyer": "ldap_user3",
+  "txtDateNaissance": "19/08/1953"}
+entryCSN: 20141029133206.156443Z#000000#001#000000
+modifiersName: cn=admin,dc=entrouvert,dc=org
+modifyTimestamp: 20141029133206Z
diff --git a/tests/tests.py b/tests/tests.py
index ede3740..dfc61fd 100644
--- a/tests/tests.py
+++ b/tests/tests.py
@@ -2,11 +2,14 @@ import pytest
 
 from django.conf import settings
 from django.contrib.auth.models import User
+from django.core.management import call_command
 
 from mandayejs.mandaye.models import UserCredentials
 
 pytestmark = pytest.mark.django_db
 
+# Encryption/Decryption
+
 def create_user(**kwargs):
     password = kwargs.pop('password', None) or kwargs.get('username')
     user, created = User.objects.get_or_create(**kwargs)
@@ -41,5 +44,21 @@ def test_encryption(credentials):
     assert decrypted.get('password') == 'john password'
     
 
+# Migration
 def test_migrate_users_command():
-    pass
+
+    args = ['tests/ldap_users.txt',]
+    opts = {}
+    call_command('migrate-ldap-users', *args, **opts)
+
+    credentials = UserCredentials.objects.filter(user__last_name__in=[
+            'ldap_user1',
+            'ldap_user2',
+            'ldap_user3'
+        ])
+
+    assert len(credentials) == 3
+
+    for cred in credentials:
+        assert cred.to_login_info(decrypt=True)['#txtCode'] == 'password_{}'.format(cred.user.last_name)
+
-- 
2.6.4