def test_is_ldap_authenticated_user(self, settings, monkeypatch):
test_user = User.objects.get(username="******")
rf = RequestFactory()
request = rf.get(reverse("productdb:home"))
request.user = test_user
result = context_processors.is_ldap_authenticated_user(request)
assert "IS_LDAP_ACCOUNT" in result, "Should provide a variable that indicates that the user is LDAP " \
"authenticated"
assert result["IS_LDAP_ACCOUNT"] is False
# when using the LDAP integration, a custom LDAP backend exists for the user
# if they are readable, the account is an LDAP account
settings.LDAP_ENABLE = True
request = rf.get(reverse("productdb:home"))
request.user = test_user
result = context_processors.is_ldap_authenticated_user(request)
assert "IS_LDAP_ACCOUNT" in result
assert result["IS_LDAP_ACCOUNT"] is False
# mock the custom LDAP backend
monkeypatch.setattr(context_processors, "LDAPBackend", LDAPBackendMock)
request = rf.get(reverse("productdb:home"))
request.user = test_user
result = context_processors.is_ldap_authenticated_user(request)
assert "IS_LDAP_ACCOUNT" in result
assert result["IS_LDAP_ACCOUNT"] is True
def custom_password_change_done(request):
"""thank you page with link to homepage"""
# check if the request comes from an LDAP account, if so, raise a PermissionDenied exception
if context_processors.is_ldap_authenticated_user(request)["IS_LDAP_ACCOUNT"]:
return HttpResponseForbidden("You're not allowed to change your password in this application")
else:
return render(request, "django_project/password_change_done.html", context={})
def custom_password_change(request):
"""custom change password form"""
# check if the request comes from an LDAP account, if so, raise a PermissionDenied exception
if context_processors.is_ldap_authenticated_user(request)["IS_LDAP_ACCOUNT"]:
return HttpResponseForbidden("You're not allowed to change your password in this application")
else:
return password_change(request,
template_name='django_project/change_password.html',
extra_context={},
post_change_redirect="custom_password_change_done")
def custom_password_change(request):
"""custom change password form"""
# check if the request comes from an LDAP account, if so, raise a PermissionDenied exception
if context_processors.is_ldap_authenticated_user(
request)["IS_LDAP_ACCOUNT"]:
return HttpResponseForbidden(
"You're not allowed to change your password in this application")
else:
return password_change(
request,
template_name='django_project/change_password.html',
extra_context={},
post_change_redirect="custom_password_change_done")
def get(self, request, *args, **kwargs):
if context_processors.is_ldap_authenticated_user(request)["IS_LDAP_ACCOUNT"]:
return HttpResponseForbidden("You're not allowed to change your password in this application")
return super().get(request, *args, **kwargs)
