Beispiel #1
0
    def test_login_and_store_credentials_in_session(self):
        # only testing custom logic, which happens on POST
        # everything else is handled by django.contrib.auth
        mockrequest = Mock()
        mockrequest.method = 'POST'

        def not_logged_in(rqst):
            rqst.user.is_authenticated.return_value = False

        def set_logged_in(rqst):
            rqst.user.is_authenticated.return_value = True
            rqst.POST.get.return_value = "TEST_PASSWORD"

        # failed login
        with patch('eulfedora.views.authviews.login',
                   new=Mock(side_effect=not_logged_in)):
            mockrequest.session = dict()
            response = login_and_store_credentials_in_session(mockrequest)
            self.assert_(FEDORA_PASSWORD_SESSION_KEY not in mockrequest.session,
                         'user password for fedora should not be stored in session on failed login')

        # successful login
        with patch('eulfedora.views.authviews.login',
                   new=Mock(side_effect=set_logged_in)):
            response = login_and_store_credentials_in_session(mockrequest)
            self.assert_(FEDORA_PASSWORD_SESSION_KEY in mockrequest.session,
                         'user password for fedora should be stored in session on successful login')
            # test password stored in the mock request
            pwd = mockrequest.POST.get()
            # encrypted password stored in session
            sessionpwd = mockrequest.session[FEDORA_PASSWORD_SESSION_KEY]
            self.assertNotEqual(pwd, sessionpwd,
                                'password should not be stored in the session without encryption')
            self.assertEqual(pwd, cryptutil.decrypt(sessionpwd),
                             'user password stored in session is encrypted')
 def test_encrypt_decrypt(text):
     encrypted = cryptutil.encrypt(text)
     self.assertNotEqual(text, encrypted,
         "encrypted text should not match original")
     decrypted = cryptutil.decrypt(encrypted)
     self.assertEqual(text, force_text(decrypted),
         "decrypted text (%s) should match original encrypted text (%s)" % (force_text(decrypted), text))
Beispiel #3
0
 def test_encrypt_decrypt(text):
     encrypted = cryptutil.encrypt(text)
     self.assertNotEqual(text, encrypted,
                         "encrypted text should not match original")
     decrypted = cryptutil.decrypt(encrypted)
     self.assertEqual(
         text, force_text(decrypted),
         "decrypted text (%s) should match original encrypted text (%s)"
         % (force_text(decrypted), text))
Beispiel #4
0
    def __init__(self, root=None, username=None, password=None, request=None,
                 retries=default_retry_option):

        # when initialized via django, settings should be pulled from django conf
        if root is None:

            try:
                from django.conf import settings
                from eulfedora import cryptutil

                root = getattr(settings, 'FEDORA_ROOT', None)
                if root is None:
                    raise Exception('Cannot initialize a Fedora connection without specifying ' +
                        'Fedora root url directly or in Django settings as FEDORA_ROOT')

                # if username and password are not set, attempt to pull from django conf
                if username is None and password is None:

                    if request is not None and request.user.is_authenticated() and \
                       FEDORA_PASSWORD_SESSION_KEY in request.session:
                        username = request.user.username
                        password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])

                    if username is None and hasattr(settings, 'FEDORA_USER'):
                        username = settings.FEDORA_USER
                        if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
                            password = settings.FEDORA_PASSWORD

                if hasattr(settings, 'FEDORA_PIDSPACE'):
                    self.default_pidspace = settings.FEDORA_PIDSPACE

                # if retries is specified in
                if hasattr(settings, 'FEDORA_CONNECTION_RETRIES'):
                    self.retries = settings.FEDORA_CONNECTION_RETRIES

            except ImportError:
                pass

        # if retries is specified in init options, that should override
        # default value or django setting
        if retries is not self.default_retry_option:
            self.retries = retries

        if root is None:
            raise Exception('Could not determine Fedora root url from django settings or parameter')

        logger.debug("Connecting to fedora at %s %s", root,
                     'as %s' % username if username
                     else '(no user credentials)')
        self.api = ApiFacade(root, username, password)
        self.fedora_root = self.api.base_url

        self.username = username
        self.password = password
        self._risearch = None
Beispiel #5
0
    def __init__(self, root=None, username=None, password=None, request=None,
                 retries=default_retry_option):

        # when initialized via django, settings should be pulled from django conf
        if root is None:

            try:
                from django.conf import settings
                from eulfedora import cryptutil

                root = getattr(settings, 'FEDORA_ROOT', None)
                if root is None:
                    raise Exception('Cannot initialize a Fedora connection without specifying ' +
                        'Fedora root url directly or in Django settings as FEDORA_ROOT')

                # if username and password are not set, attempt to pull from django conf
                if username is None and password is None:

                    if request is not None and request.user.is_authenticated() and \
                       FEDORA_PASSWORD_SESSION_KEY in request.session:
                        username = request.user.username
                        password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])

                    if username is None and hasattr(settings, 'FEDORA_USER'):
                        username = settings.FEDORA_USER
                        if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
                            password = settings.FEDORA_PASSWORD

                if hasattr(settings, 'FEDORA_PIDSPACE'):
                    self.default_pidspace = settings.FEDORA_PIDSPACE

                # if retries is specified in
                if hasattr(settings, 'FEDORA_CONNECTION_RETRIES'):
                    self.retries = settings.FEDORA_CONNECTION_RETRIES

            except ImportError:
                pass

        # if retries is specified in init options, that should override
        # default value or django setting
        if retries is not self.default_retry_option:
            self.retries = retries

        if root is None:
            raise Exception('Could not determine Fedora root url from django settings or parameter')

        logger.debug("Connecting to fedora at %s %s" % (root,
                      'as %s' % username if username else '(no user credentials)'))
        self.api = ApiFacade(root, username, password)
        self.fedora_root = self.api.base_url

        self.username = username
        self.password = password
        self._risearch = None
Beispiel #6
0
    def __init__(self, root=None, username=None, password=None, request=None):
        global _connection
        # when initialized via django, settings should be pulled from django conf
        if root is None:
            # if global connection is not set yet, initialize it
            if _connection is None:
                init_pooled_connection()
            root = _connection

            # if username and password are not set, attempt to pull from django conf
            if username is None and password is None:
                try:
                    from django.conf import settings
                    from eulfedora import cryptutil
                    
                    if request is not None and request.user.is_authenticated() and \
                       FEDORA_PASSWORD_SESSION_KEY in request.session:
                        username = request.user.username
                        password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])            

                    if username is None and hasattr(settings, 'FEDORA_USER'):
                        username = settings.FEDORA_USER
                        if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
                            password = settings.FEDORA_PASSWORD

                    if hasattr(settings, 'FEDORA_PIDSPACE'):
                        self.default_pidspace = settings.FEDORA_PIDSPACE

                except ImportError:
                    pass
                
        if root is None:
            raise Exception('Could not determine Fedora root url from django settings or parameter')

        logger.debug("Connecting to fedora at %s %s" % (root,
                      'as %s' % username if username else '(no user credentials)'))
        self.opener = AuthorizingServerConnection(root, username, password)
        self.api = ApiFacade(self.opener)
        self.fedora_root = self.opener.base_url

        self.username = username
        self.password = password
        self._risearch = None
Beispiel #7
0
    def test_login_and_store_credentials_in_session(self):
        # only testing custom logic, which happens on POST
        # everything else is handled by django.contrib.auth
        mockrequest = Mock()
        mockrequest.method = 'POST'

        def not_logged_in(rqst):
            rqst.user.is_authenticated.return_value = False

        def set_logged_in(rqst):
            rqst.user.is_authenticated.return_value = True
            rqst.POST.get.return_value = "TEST_PASSWORD"

        # failed login
        with patch('eulfedora.views.authviews.login',
                   new=Mock(side_effect=not_logged_in)):
            mockrequest.session = dict()
            response = login_and_store_credentials_in_session(mockrequest)
            self.assert_(
                FEDORA_PASSWORD_SESSION_KEY not in mockrequest.session,
                'user password for fedora should not be stored in session on failed login'
            )

        # successful login
        with patch('eulfedora.views.authviews.login',
                   new=Mock(side_effect=set_logged_in)):
            response = login_and_store_credentials_in_session(mockrequest)
            self.assert_(
                FEDORA_PASSWORD_SESSION_KEY in mockrequest.session,
                'user password for fedora should be stored in session on successful login'
            )
            # test password stored in the mock request
            pwd = mockrequest.POST.get()
            # encrypted password stored in session
            sessionpwd = mockrequest.session[FEDORA_PASSWORD_SESSION_KEY]
            self.assertNotEqual(
                pwd, sessionpwd,
                'password should not be stored in the session without encryption'
            )
            self.assertEqual(pwd, force_text(cryptutil.decrypt(sessionpwd)),
                             'user password stored in session is encrypted')