def test_password_length(self):
new_passwd = 'Aa1.$Bb2.^Cc.Dd5%.Ee6&.Dd7*'
short_passwd = new_passwd[:dap_settings.PASSWORD_MIN_LENGTH]
# Too short password doesnt work
form = StrictPasswordChangeForm(self.user, data={
'old_password': '******',
'new_password1': short_passwd[:-1],
'new_password2': short_passwd[:-1]})
self.assertFalse(form.is_valid())
self.assertEqual(form.errors['new_password1'],
[form.error_messages['password_min_length']])
# Longer password does work
form = StrictPasswordChangeForm(self.user, data={
'old_password': '******',
'new_password1': short_passwd,
'new_password2': short_passwd})
self.assertTrue(form.is_valid())
# Check correct PasswordChange items were created
self.assertEqual(PasswordChange.objects.all().count(), 2)
self.assertEqual(PasswordChange.objects.filter(
successful=True).count(), 1)
self.assertEqual(PasswordChange.objects.filter(
successful=False).count(), 1)
# Logging tests
self.assertEqual(self.logger.handlers[0].stream.getvalue(), (
'INFO Password change failed for user rf\n'
'INFO Password change successful for user rf\n'))
def test_password_length(self):
pol = PasswordMinLength()
new_passwd = 'Aa1.$Bb2.^Cc.Dd5%.Ee6&.Dd7*'
short_passwd = new_passwd[:pol.min_length]
# Too short password doesnt work
form = StrictPasswordChangeForm(self.user, data={
'old_password': '******',
'new_password1': short_passwd[:-1],
'new_password2': short_passwd[:-1]})
self.assertFalse(form.is_valid())
msg = unicode(pol.policy_text)
self.assertEqual(form.errors['new_password1'], [msg])
# Longer password does work
form = StrictPasswordChangeForm(self.user, data={
'old_password': '******',
'new_password1': short_passwd,
'new_password2': short_passwd})
self.assertTrue(form.is_valid())
# Check correct PasswordChange items were created
self.assertEqual(PasswordChange.objects.all().count(), 2)
self.assertEqual(PasswordChange.objects.filter(
successful=True).count(), 1)
self.assertEqual(PasswordChange.objects.filter(
successful=False).count(), 1)
# Logging tests
self.assertEqual(self.logger.handlers[0].stream.getvalue(), (
'INFO Password change failed for user rf\n'
'INFO Password change successful for user rf\n'))
def test_password_differ_old(self):
""" Make sure new password differs from old password """
passwd = 'Aa1.$Bb2.^Cc.Dd5%.Ee6&.Dd7*'
self.user.set_password(passwd)
self.user.save()
form = StrictPasswordChangeForm(self.user, data={
'old_password': passwd,
'new_password1': passwd,
'new_password2': passwd})
self.assertFalse(form.is_valid())
self.assertEqual(form.errors['new_password1'],
[form.error_messages['password_unchanged']])
def test_password_differ_old(self):
""" Make sure new password differs from old password """
passwd = 'Aa1.$Bb2.^Cc.Dd5%.Ee6&.Dd7*'
self.user.set_password(passwd)
self.user.save()
form = StrictPasswordChangeForm(self.user, data={
'old_password': passwd,
'new_password1': passwd,
'new_password2': passwd})
self.assertFalse(form.is_valid())
self.assertEqual(form.errors['new_password1'],
[form.error_messages['password_unchanged']])
def test_password_complexity(self):
# Remove one category at a time to check all posibilities
rules = collections.deque(dap_settings.PASSWORD_COMPLEXITY)
for x in xrange(0, len(rules)):
passwd = u''.join([r['chars'][:4] for r in list(rules)[:-1]])
form = StrictPasswordChangeForm(self.user, data={
'old_password': '******',
'new_password1': passwd,
'new_password2': passwd})
failing_rule = rules[-1]
self.assertFalse(form.is_valid())
self.assertEqual(form.errors['new_password1'], [
form.error_messages['password_complexity'] % failing_rule])
rules.rotate(1)
def test_password_complexity(self):
# Remove one category at a time to check all posibilities
rules = collections.deque(dap_settings.PASSWORD_COMPLEXITY)
for x in xrange(0, len(rules)):
passwd = u''.join([r['chars'][:4] for r in list(rules)[:-1]])
form = StrictPasswordChangeForm(self.user,
data={
'old_password': '******',
'new_password1': passwd,
'new_password2': passwd
})
failing_rule = rules[-1]
self.assertFalse(form.is_valid())
self.assertEqual(
form.errors['new_password1'],
[form.error_messages['password_complexity'] % failing_rule])
rules.rotate(1)
def test_password_length(self):
pol = PasswordMinLength()
new_passwd = 'Aa1.$Bb2.^Cc.Dd5%.Ee6&.Dd7*'
short_passwd = new_passwd[:pol.min_length]
# Too short password doesnt work
form = StrictPasswordChangeForm(self.user, data={
'old_password': '******',
'new_password1': short_passwd[:-1],
'new_password2': short_passwd[:-1]})
self.assertFalse(form.is_valid())
msg = str(pol.policy_text)
self.assertEqual(form.errors['new_password1'], [msg])
# Longer password does work
form = StrictPasswordChangeForm(self.user, data={
'old_password': '******',
'new_password1': short_passwd,
'new_password2': short_passwd})
self.assertTrue(form.is_valid())
# Check correct PasswordChange items were created
self.assertEqual(PasswordChange.objects.all().count(), 2)
self.assertEqual(PasswordChange.objects.filter(
successful=True).count(), 1)
self.assertEqual(PasswordChange.objects.filter(
successful=False).count(), 1)
# Logging tests
self.assertEqual(self.logger.handlers[0].stream.getvalue(), (
'INFO Password change failed for user rf\n'
'INFO Password change successful for user rf\n'))
def test_password_complexity(self):
# List of policies to check, this must match PasswordContains... items
# of testsettings.PASSWORD_STRENGTH_POLICIES
policies = collections.deque([
PasswordContainsUpperCase(),
PasswordContainsLowerCase(),
PasswordContainsNumbers(),
PasswordContainsSymbols(),
])
for x in xrange(0, len(policies)):
# Create a password with 4 chars from every policy except one
passwd = u''.join([pol.chars[:4] for pol in list(policies)[:-1]])
form = StrictPasswordChangeForm(self.user, data={
'old_password': '******',
'new_password1': passwd,
'new_password2': passwd})
failing_policy = policies[-1]
self.assertFalse(form.is_valid())
err_msg = unicode(failing_policy.policy_text)
self.assertEqual(form.errors['new_password1'], [err_msg])
policies.rotate(1)
def test_password_complexity(self):
# List of policies to check, this must match PasswordContains... items
# of testsettings.PASSWORD_STRENGTH_POLICIES
policies = collections.deque([
PasswordContainsUpperCase(),
PasswordContainsLowerCase(),
PasswordContainsNumbers(),
PasswordContainsSymbols(),
])
for x in xrange(0, len(policies)):
# Create a password with 4 chars from every policy except one
passwd = u''.join([pol.chars[:4] for pol in list(policies)[:-1]])
form = StrictPasswordChangeForm(self.user, data={
'old_password': '******',
'new_password1': passwd,
'new_password2': passwd})
failing_policy = policies[-1]
self.assertFalse(form.is_valid())
err_msg = str(failing_policy.policy_text)
self.assertEqual(form.errors['new_password1'], [err_msg])
policies.rotate(1)
def test_password_length(self):
new_passwd = 'Aa1.$Bb2.^Cc.Dd5%.Ee6&.Dd7*'
short_passwd = new_passwd[:dap_settings.PASSWORD_MIN_LENGTH]
# Too short password doesnt work
form = StrictPasswordChangeForm(self.user,
data={
'old_password': '******',
'new_password1': short_passwd[:-1],
'new_password2': short_passwd[:-1]
})
self.assertFalse(form.is_valid())
self.assertEqual(form.errors['new_password1'],
[form.error_messages['password_min_length']])
# Longer password does work
form = StrictPasswordChangeForm(self.user,
data={
'old_password': '******',
'new_password1': short_passwd,
'new_password2': short_passwd
})
self.assertTrue(form.is_valid())
# Check correct PasswordChange items were created
self.assertEqual(PasswordChange.objects.all().count(), 2)
self.assertEqual(
PasswordChange.objects.filter(successful=True).count(), 1)
self.assertEqual(
PasswordChange.objects.filter(successful=False).count(), 1)
# Logging tests
self.assertEqual(self.logger.handlers[0].stream.getvalue(),
('INFO Password change failed for user rf\n'
'INFO Password change successful for user rf\n'))
