def test_authenticate_without_ldap(self):
assert not User.objects.all().exists()
user = User.objects.create(username='******', email='*****@*****.**')
user.set_password('secret')
user.save()
backend = MozLdapBackend()
eq_(backend.authenticate('*****@*****.**', 'secret'), user)
eq_(backend.authenticate('foo', 'secret'), user)
eq_(backend.authenticate('foo', 'JUNK'), None)
def test_authenticate_without_ldap(self):
assert not User.objects.all().exists()
user = User.objects.create(username="******", email="*****@*****.**")
user.set_password("secret")
user.save()
backend = MozLdapBackend()
eq_(backend.authenticate("*****@*****.**", "secret"), user)
eq_(backend.authenticate("foo", "secret"), user)
eq_(backend.authenticate("foo", "JUNK"), None)
def test_lost_group_privileges(self):
# test a user that is part of the `Localizers` group one day but not
# the other
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
groups = [
('cn=scm_l10n,ou=groups,dc=mozilla',
{'cn': ['scm_l10n']}),
('cn=buildteam,ou=groups,dc=mozilla',
{'cn': ['buildteam']})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': groups
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(user.groups.filter(name='Localizers').exists())
ok_(user.groups.filter(name='build').exists())
new_groups = [
('cn=buildteam,ou=groups,dc=mozilla',
{'cn': ['buildteam']})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': new_groups
}))
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(not user.groups.filter(name='Localizers').exists())
ok_(user.groups.filter(name='build').exists())
# Now reverse it
new_new_groups = [
('cn=scm_l10n,ou=groups,dc=mozilla',
{'cn': ['scm_l10n']})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': new_new_groups
}))
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(user.groups.filter(name='Localizers').exists())
ok_(not user.groups.filter(name='build').exists())
def test_lost_group_privileges(self):
# test a user that is part of the `Localizers` group one day but not
# the other
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
groups = [('cn=scm_l10n,ou=groups,dc=mozilla', {
'cn': ['scm_l10n']
}), ('cn=buildteam,ou=groups,dc=mozilla', {
'cn': ['buildteam']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': groups
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(user.groups.filter(name='Localizers').exists())
ok_(user.groups.filter(name='build').exists())
new_groups = [('cn=buildteam,ou=groups,dc=mozilla', {
'cn': ['buildteam']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': new_groups
}))
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(not user.groups.filter(name='Localizers').exists())
ok_(user.groups.filter(name='build').exists())
# Now reverse it
new_new_groups = [('cn=scm_l10n,ou=groups,dc=mozilla', {
'cn': ['scm_l10n']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': new_new_groups
}))
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(user.groups.filter(name='Localizers').exists())
ok_(not user.groups.filter(name='build').exists())
def test_authenticate_without_ldap(self):
assert not User.objects.all().exists()
user = User.objects.create(username='******', email='*****@*****.**')
user.set_password('secret')
user.save()
backend = MozLdapBackend()
eq_(backend.authenticate('*****@*****.**', 'secret'),
user)
eq_(backend.authenticate('foo', 'secret'), user)
eq_(backend.authenticate('foo', 'JUNK'), None)
def test_authenticate_with_non_ascii_password(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
email = '*****@*****.**'
fake_user = [('mail=%s,...' % email, {
'cn': ['Peter Bengtsson'],
'givenName': ['Peter'],
'mail': [email],
'sn': ['Bengtsson'],
'uid': ['pbengtsson']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate(email, u's\xc4cret')
ok_(user)
ok_(User.objects.get(email=email))
def test_authenticate_with_ldap_new_user_with_long_email(self):
assert not User.objects.all().exists()
ldap.open = Mock("ldap.open")
ldap.open.mock_returns = Mock("ldap_connection")
ldap.set_option = Mock(return_value=None)
long_email = "*****@*****.**"
fake_user = [
(
"mail=%s,..." % long_email,
{
"cn": ["Peter Bengtsson"],
"givenName": ["Pet\xc3\xa3r"], # utf-8 encoded
"mail": [long_email],
"sn": ["Bengtss\xc2\xa2n"],
"uid": ["pbengtsson"],
},
)
]
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": fake_user, "ou=groups,dc=mozilla": self.fake_group})
)
backend = MozLdapBackend()
user = backend.authenticate(long_email, "secret")
ok_(user)
ok_(User.objects.get(email=long_email))
ok_(len(User.objects.get(email=long_email).username) <= 30)
user = User.objects.get(first_name=u"Pet\xe3r")
eq_(user.last_name, u"Bengtss\xa2n")
ok_(not user.has_usable_password())
ok_(not user.check_password("secret"))
def test_authenticate_with_ldap_existing_user(self):
assert not User.objects.all().exists()
user = User.objects.create(username="******", first_name=u"P\xe4ter", last_name=u"B\xa3ngtsson")
assert user.groups.all().count() == 0
user.set_unusable_password()
user.save()
ldap.open = Mock("ldap.open")
ldap.open.mock_returns = Mock("ldap_connection")
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": self.fake_group})
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
ok_(user)
_first_name = self.fake_user[0][1]["givenName"][0]
eq_(user.first_name, unicode(_first_name, "utf-8"))
_last_name = self.fake_user[0][1]["sn"][0]
eq_(user.last_name, unicode(_last_name, "utf-8"))
eq_(user.email, self.fake_user[0][1]["mail"][0])
user_saved = User.objects.get(username="******")
eq_(user_saved.first_name, user.first_name)
eq_(user_saved.last_name, user.last_name)
ok_(user_saved.groups.filter(name="Localizers").exists())
def test_authenticate_with_ldap_existing_user(self):
assert not User.objects.all().exists()
user = User.objects.create(
username='******',
first_name=u'P\xe4ter',
last_name=u'B\xa3ngtsson',
)
user.set_unusable_password()
user.save()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(user)
_first_name = self.fake_user[0][1]['givenName'][0]
eq_(user.first_name, unicode(_first_name, 'utf-8'))
_last_name = self.fake_user[0][1]['sn'][0]
eq_(user.last_name, unicode(_last_name, 'utf-8'))
eq_(user.email, self.fake_user[0][1]['mail'][0])
user_saved = User.objects.get(username='******')
eq_(user_saved.first_name, user.first_name)
eq_(user_saved.last_name, user.last_name)
def test_authenticate_with_ldap_existing_user(self):
assert not User.objects.all().exists()
user = User.objects.create(
username='******',
email='*****@*****.**',
first_name='P\xe4ter',
last_name='B\xa3ngtsson',
)
assert user.groups.all().count() == 0
user.set_unusable_password()
user.save()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('*****@*****.**', 'secret')
self.assertTrue(user)
_first_name = self.fake_user[0][1]['givenName'][0]
self.assertEqual(user.first_name, _first_name.decode('utf-8'))
_last_name = self.fake_user[0][1]['sn'][0]
self.assertEqual(user.last_name, _last_name.decode('utf-8'))
self.assertEqual(user.email, self.fake_user[0][1]['mail'][0])
user_saved = User.objects.get(email='*****@*****.**')
self.assertEqual(user_saved.first_name, user.first_name)
self.assertEqual(user_saved.last_name, user.last_name)
self.assertTrue(user_saved.groups.filter(name='Localizers').exists())
def test_authenticate_with_ldap_new_user_with_long_email(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
long_email = '*****@*****.**'
fake_user = [(
'mail=%s,...' % long_email,
{
'cn': ['Peter Bengtsson'],
'givenName': ['Pet\xc3\xa3r'], # utf-8 encoded
'mail': [long_email],
'sn': ['Bengtss\xc2\xa2n'],
'uid': ['pbengtsson']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate(long_email, 'secret')
ok_(user)
ok_(User.objects.get(email=long_email))
ok_(len(User.objects.get(email=long_email).username) <= 30)
user = User.objects.get(first_name=u'Pet\xe3r')
eq_(user.last_name, u'Bengtss\xa2n')
ok_(not user.has_usable_password())
ok_(not user.check_password('secret'))
def test_authenticate_with_non_ascii_password(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
email = '*****@*****.**'
fake_user = [
('mail=%s,...' % email,
{'cn': ['Peter Bengtsson'],
'givenName': ['Peter'],
'mail': [email],
'sn': ['Bengtsson'],
'uid': ['pbengtsson']
})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate(email, 's\xc4cret')
self.assertTrue(user)
self.assertTrue(User.objects.get(email=email))
def test_authenticate_with_ldap_new_user_with_long_email(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
long_email = '*****@*****.**'
fake_user = [
('mail=%s,...' % long_email,
{'cn': ['Peter Bengtsson'],
'givenName': ['Pet\xc3\xa3r'], # utf-8 encoded
'mail': [long_email],
'sn': ['Bengtss\xc2\xa2n'],
'uid': ['pbengtsson']
})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate(long_email, 'secret')
ok_(user)
ok_(User.objects.get(email=long_email))
ok_(len(User.objects.get(email=long_email).username) <= 30)
user = User.objects.get(first_name=u'Pet\xe3r')
eq_(user.last_name, u'Bengtss\xa2n')
ok_(not user.has_usable_password())
ok_(not user.check_password('secret'))
def test_authenticate_with_ldap_existing_user(self):
assert not User.objects.all().exists()
user = User.objects.create(
username='******',
first_name=u'P\xe4ter',
last_name=u'B\xa3ngtsson',
)
assert user.groups.all().count() == 0
user.set_unusable_password()
user.save()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(user)
_first_name = self.fake_user[0][1]['givenName'][0]
eq_(user.first_name, unicode(_first_name, 'utf-8'))
_last_name = self.fake_user[0][1]['sn'][0]
eq_(user.last_name, unicode(_last_name, 'utf-8'))
eq_(user.email, self.fake_user[0][1]['mail'][0])
user_saved = User.objects.get(username='******')
eq_(user_saved.first_name, user.first_name)
eq_(user_saved.last_name, user.last_name)
ok_(user_saved.groups.filter(name='Localizers').exists())
def test_authenticate_with_ldap_wrong_username(self):
ldap.initialize = Mock(
return_value=MockLDAP(
{"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": self.fake_group},
credentials={"some-other-uid": "secret"},
)
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
eq_(user, None)
def test_authentication_ldap_username_not_recognized(self):
ldap.initialize = Mock(
return_value=MockLDAP(
{"dc=mozilla": None, "ou=groups,dc=mozilla": self.fake_group},
credentials={self.fake_user[0][0]: "secret"},
)
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
ok_(not user)
def test_authentication_ldap_username_not_recognized(self):
ldap.initialize = Mock(return_value=MockLDAP(
{
'dc=mozilla': None,
'ou=groups,dc=mozilla': self.fake_group
},
credentials={self.fake_user[0][0]: 'secret'}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(not user)
def test_authenticate_with_ldap_wrong_password(self):
ldap.initialize = Mock(return_value=MockLDAP(
{
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
},
credentials={self.fake_user[0][0]: 'rightsecret'}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
eq_(user, None)
def test_authenticate_with_ldap_wrong_username(self):
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}, credentials={
'some-other-uid': 'secret'
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
eq_(user, None)
def test_authentication_ldap_username_not_recognized(self):
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': None,
'ou=groups,dc=mozilla': self.fake_group
}, credentials={
self.fake_user[0][0]: 'secret'
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(not user)
def test_authenticate_with_ldap_wrong_password(self):
ldap.initialize = Mock(
return_value=MockLDAP(
{"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": self.fake_group},
credentials={self.fake_user[0][0]: "rightsecret"},
)
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
eq_(user, None)
def test_authenticate_with_ldap_wrong_password(self):
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}, credentials={
self.fake_user[0][0]: 'rightsecret'
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
eq_(user, None)
def test_authenticate_with_ldap_wrong_username(self):
ldap.initialize = Mock(return_value=MockLDAP(
{
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
},
credentials={'some-other-uid': 'secret'}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
eq_(user, None)
def test_lost_group_privileges(self):
# test a user that is part of the `Localizers` group one day but not
# the other
assert not User.objects.all().exists()
ldap.open = Mock("ldap.open")
ldap.open.mock_returns = Mock("ldap_connection")
ldap.set_option = Mock(return_value=None)
groups = [
("cn=scm_l10n,ou=groups,dc=mozilla", {"cn": ["scm_l10n"]}),
("cn=buildteam,ou=groups,dc=mozilla", {"cn": ["buildteam"]}),
]
ldap.initialize = Mock(return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": groups}))
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
assert user == User.objects.get()
ok_(user.groups.filter(name="Localizers").exists())
ok_(user.groups.filter(name="build").exists())
new_groups = [("cn=buildteam,ou=groups,dc=mozilla", {"cn": ["buildteam"]})]
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": new_groups})
)
user = backend.authenticate("foo", "secret")
assert user == User.objects.get()
ok_(not user.groups.filter(name="Localizers").exists())
ok_(user.groups.filter(name="build").exists())
# Now reverse it
new_new_groups = [("cn=scm_l10n,ou=groups,dc=mozilla", {"cn": ["scm_l10n"]})]
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": new_new_groups})
)
user = backend.authenticate("foo", "secret")
assert user == User.objects.get()
ok_(user.groups.filter(name="Localizers").exists())
ok_(not user.groups.filter(name="build").exists())
def test_authenticate_with_ldap_new_user(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(user)
ok_(User.objects.get(username='******'))
user = User.objects.get(first_name=u'Pet\xe3r')
eq_(user.last_name, u'Bengtss\xa2n')
ok_(not user.has_usable_password())
ok_(not user.check_password('secret'))
def test_authenticate_with_ldap_new_user(self):
assert not User.objects.all().exists()
ldap.open = Mock("ldap.open")
ldap.open.mock_returns = Mock("ldap_connection")
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": self.fake_group})
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
ok_(user)
ok_(User.objects.get(username="******"))
user = User.objects.get(first_name=u"Pet\xe3r")
eq_(user.last_name, u"Bengtss\xa2n")
ok_(not user.has_usable_password())
ok_(not user.check_password("secret"))
ok_(user.groups.filter(name="Localizers").exists())
def test_authenticate_with_ldap_new_user(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('*****@*****.**', 'secret')
self.assertTrue(user)
self.assertTrue(User.objects.get(email='*****@*****.**'))
user = User.objects.get(first_name='Pet\xe3r')
self.assertEqual(user.last_name, 'Bengtss\xa2n')
self.assertFalse(user.has_usable_password())
self.assertFalse(user.check_password('secret'))
self.assertTrue(user.groups.filter(name='Localizers').exists())
def test_authenticate_with_ldap_new_user(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
self.assertTrue(user)
self.assertTrue(User.objects.get(username='******'))
user = User.objects.get(first_name='Pet\xe3r')
self.assertEqual(user.last_name, 'Bengtss\xa2n')
self.assertFalse(user.has_usable_password())
self.assertFalse(user.check_password('secret'))
self.assertTrue(user.groups.filter(name='Localizers').exists())
