def test_invalid_rename_user_with_save(self):
"""Renaming to invalid username raises ValidationError."""
new_username = '******' % self.username
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
user = self.model.objects.get(username=self.username)
self.assertTrue(username_exists(self.username))
self.assertFalse(username_exists(new_username))
# Rename
user.username = new_username
self.assertRaises(ValidationError, user.save)
# Nothing changed
self.assertRaises(
self.model.DoesNotExist,
self.model.objects.get,
username=new_username)
self.assertTrue(username_exists(self.username))
self.assertFalse(username_exists(new_username))
# Cleanup
user.username = self.username
user.delete()
self.assertFalse(username_exists(self.username))
def test_invalid_rename_user_with_save(self):
"""Renaming to invalid username raises ValidationError."""
new_username = '******' % self.username
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
user = self.model.objects.get(username=self.username)
self.assertTrue(username_exists(self.username))
self.assertFalse(username_exists(new_username))
# Rename
user.username = new_username
self.assertRaises(ValidationError, user.save)
# Nothing changed
self.assertRaises(
self.model.DoesNotExist,
self.model.objects.get,
username=new_username)
self.assertTrue(username_exists(self.username))
self.assertFalse(username_exists(new_username))
# Cleanup
user.username = self.username
user.delete()
self.assertFalse(username_exists(self.username))
def test_create_new_user(self):
"""Can properly create new user"""
self.assertFalse(utils.username_exists(self.new_user))
self.assertTrue(
utils.create_user(self.new_user, self.password, self.email,
self.first_name, self.last_name))
self.assertTrue(utils.username_exists(self.new_user))
utils.delete_user(self.new_user)
self.assertFalse(utils.username_exists(self.new_user))
def test_create_new_user(self):
"""Can properly create new user"""
self.assertFalse(utils.username_exists(self.new_user))
self.assertTrue(utils.create_user(self.new_user, self.password,
self.email,
self.first_name, self.last_name))
self.assertTrue(utils.username_exists(self.new_user))
utils.delete_user(self.new_user)
self.assertFalse(utils.username_exists(self.new_user))
def test_delete_user(self):
"""Deleting user also deletes ldap entry."""
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
user = self.model.objects.get(username=self.username)
self.assertTrue(username_exists(self.username))
user.delete()
self.assertFalse(username_exists(self.username))
def test_delete_user(self):
"""Deleting user also deletes ldap entry."""
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
user = self.model.objects.get(username=self.username)
self.assertTrue(username_exists(self.username))
user.delete()
self.assertFalse(username_exists(self.username))
def tearDown(self):
if utils.username_exists(self.user):
utils.delete_user(self.user)
if utils.username_exists(self.new_user):
utils.delete_user(self.new_user)
# Remove groups:
utils.delete_group(self.group_of_names)
self.assertFalse(utils.group_exists(self.group_of_names))
utils.delete_group(self.posix_group)
self.assertFalse(utils.group_exists(self.posix_group))
utils.delete_group(self.super_group)
self.assertFalse(utils.group_exists(self.super_group))
def tearDown(self):
if utils.username_exists(self.user):
utils.delete_user(self.user)
if utils.username_exists(self.new_user):
utils.delete_user(self.new_user)
# Remove groups:
utils.delete_group(self.group_of_names)
self.assertFalse(utils.group_exists(self.group_of_names))
utils.delete_group(self.posix_group)
self.assertFalse(utils.group_exists(self.posix_group))
utils.delete_group(self.super_group)
self.assertFalse(utils.group_exists(self.super_group))
def test_create_incomplete_user(self):
"""Creating an LDAP user with incomplete information should raise a
ValidationError.
"""
if username_exists(self.username):
self.assertTrue(delete_user(self.username))
# Lacking first_name, last_name
user = self.model(
username=self.username,
email=self.email,
password=self.password)
self.assertRaises(ValidationError, user.save)
self.assertFalse(
self.model.objects.filter(username=self.username).exists())
self.assertFalse(username_exists(self.username))
def test_create_incomplete_user(self):
"""Creating an LDAP user with incomplete information should raise a
ValidationError.
"""
if username_exists(self.username):
self.assertTrue(delete_user(self.username))
# Lacking first_name, last_name
user = self.model(
username=self.username,
email=self.email,
password=self.password)
self.assertRaises(ValidationError, user.save)
self.assertFalse(
self.model.objects.filter(username=self.username).exists())
self.assertFalse(username_exists(self.username))
def clean_username(self):
username = super(UserCreationForm, self).clean_username()
if USE_LDAP and ldap_utils.username_exists(username):
raise forms.ValidationError(
self.error_messages['duplicate_username'],
code='duplicate_username',
)
return username
def clean_username(self):
username = super(UserCreationForm, self).clean_username()
if USE_LDAP and ldap_utils.username_exists(username):
raise forms.ValidationError(
self.error_messages['duplicate_username'],
code='duplicate_username',
)
return username
def test_rename_user(self):
"""Checks rename_user handles bad username properly and only renames
successfully if new username is valid"""
invalid_name = (False,
'Invalid username. %s' % (settings.USERNAME_HELPTEXT))
correct = (True, 'User %s renamed to %s' % (self.user, self.new_user))
self.assertTrue(utils.username_exists(self.user))
# This is a bad username because underscores are not allowed
self.assertEqual(utils.rename_user(self.user, 'bad_username'),
invalid_name)
# Nothing is changed
self.assertTrue(utils.username_exists(self.user))
# Actual renaming
self.assertEqual(utils.rename_user(self.user, self.new_user), correct)
# Model has not been updated yet, but LDAP has been
self.assertFalse(utils.username_exists(self.user))
self.assertTrue(utils.username_exists(self.new_user))
def test_rename_user(self):
"""Checks rename_user handles bad username properly and only renames
successfully if new username is valid"""
invalid_name = (False, 'Invalid username. %s' % (
settings.USERNAME_HELPTEXT))
correct = (True, 'User %s renamed to %s' % (self.user, self.new_user))
self.assertTrue(utils.username_exists(self.user))
# This is a bad username because underscores are not allowed
self.assertEqual(utils.rename_user(self.user, 'bad_username'),
invalid_name)
# Nothing is changed
self.assertTrue(utils.username_exists(self.user))
# Actual renaming
self.assertEqual(utils.rename_user(self.user, self.new_user),
correct)
# Model has not been updated yet, but LDAP has been
self.assertFalse(utils.username_exists(self.user))
self.assertTrue(utils.username_exists(self.new_user))
def save(self, *args, **kwargs):
"""Only save the instance if user exists in LDAP. Allows renaming
username, but does not update other LDAP entry attributes (yet)."""
new_username = self.get_username()
# Password can be None or '' for unusuable password
if (not new_username or not self.email or
not self.first_name or not self.last_name):
raise ValidationError('Users must have username, email, '
'first name and last name')
try:
old_user = LDAPUser.objects.get(pk=self.pk)
old_username = old_user.get_username()
renaming_user = old_username != new_username
updating_email = old_user.email != self.email
except LDAPUser.DoesNotExist:
renaming_user = False
updating_email = False
# Update username
if renaming_user:
success, reason = ldap_utils.rename_user(
old_username,
new_username)
if not success:
raise ValidationError(
'Encountered error while renaming username from {old} '
'to {new}. Reason: {reason}'.format(
old=old_username,
new=new_username,
reason=reason))
elif not ldap_utils.username_exists(new_username):
if ldap_utils.create_user(new_username, self.password, self.email,
self.first_name, self.last_name):
# Successfully created LDAP entry for new user
# Set an unusable password for the Django DB instance
super(LDAPUser, self).set_unusable_password()
else:
# Failed to create user some how.
raise ValidationError(
'Error creating new LDAP entry for {name} with username '
'"{username}"'.format(
name=self.get_full_name(),
username=new_username))
# Update email
# New username should exist by now after rename.
if (updating_email and
not ldap_utils.set_email(new_username, self.email)):
raise ValidationError(
'Encountered error while updating user email to {new}'.format(
new=self.email))
# TODO(flieee): update LDAP other entry attributes (i.e. name) too?
super(LDAPUser, self).save(*args, **kwargs)
def test_direct_create_user(self):
"""Creating an LDAP user directly via model instantiation."""
if username_exists(self.username):
self.assertTrue(delete_user(self.username))
user = self.model(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name)
user.save()
self.verify_user_attributes_valid()
def test_direct_create_user(self):
"""Creating an LDAP user directly via model instantiation."""
if username_exists(self.username):
self.assertTrue(delete_user(self.username))
user = self.model(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name)
user.save()
self.verify_user_attributes_valid()
def save(self, *args, **kwargs):
"""Only save the instance if user exists in LDAP. Allows renaming
username, but does not update other LDAP entry attributes (yet)."""
new_username = self.get_username()
# Password can be None or '' for unusuable password
if (not new_username or not self.email or not self.first_name
or not self.last_name):
raise ValidationError('Users must have username, email, '
'first name and last name')
try:
old_user = LDAPUser.objects.get(pk=self.pk)
old_username = old_user.get_username()
renaming_user = old_username != new_username
updating_email = old_user.email != self.email
except LDAPUser.DoesNotExist:
renaming_user = False
updating_email = False
# Update username
if renaming_user:
success, reason = ldap_utils.rename_user(old_username,
new_username)
if not success:
raise ValidationError(
'Encountered error while renaming username from {old} '
'to {new}. Reason: {reason}'.format(old=old_username,
new=new_username,
reason=reason))
elif not ldap_utils.username_exists(new_username):
if ldap_utils.create_user(new_username, self.password, self.email,
self.first_name, self.last_name):
# Successfully created LDAP entry for new user
# Set an unusable password for the Django DB instance
super(LDAPUser, self).set_unusable_password()
else:
# Failed to create user some how.
raise ValidationError(
'Error creating new LDAP entry for {name} with username '
'"{username}"'.format(name=self.get_full_name(),
username=new_username))
# Update email
# New username should exist by now after rename.
if (updating_email
and not ldap_utils.set_email(new_username, self.email)):
raise ValidationError(
'Encountered error while updating user email to {new}'.format(
new=self.email))
# TODO(flieee): update LDAP other entry attributes (i.e. name) too?
super(LDAPUser, self).save(*args, **kwargs)
def test_rename_user_with_save(self):
"""Renaming an LDAP user's username also renames the LDAP entry."""
new_username = self.username + 'r2'
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
user = self.model.objects.get(username=self.username)
self.assertTrue(username_exists(self.username))
self.assertFalse(username_exists(new_username))
# Rename
user.username = new_username
user.save()
self.assertRaises(
self.model.DoesNotExist,
self.model.objects.get,
username=self.username)
self.assertFalse(username_exists(self.username))
self.assertTrue(username_exists(new_username))
# Cleanup
user.delete()
self.assertFalse(username_exists(new_username))
def test_create_user(self):
"""Test creating a user."""
if username_exists(self.username):
self.assertTrue(delete_user(self.username))
self.assertFalse(
self.model.objects.filter(username=self.username).exists())
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
self.verify_user_attributes_valid()
def test_create_user(self):
"""Test creating a user."""
if username_exists(self.username):
self.assertTrue(delete_user(self.username))
self.assertFalse(
self.model.objects.filter(username=self.username).exists())
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
self.verify_user_attributes_valid()
def test_rename_user_with_save(self):
"""Renaming an LDAP user's username also renames the LDAP entry."""
new_username = self.username + 'r2'
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
user = self.model.objects.get(username=self.username)
self.assertTrue(username_exists(self.username))
self.assertFalse(username_exists(new_username))
# Rename
user.username = new_username
user.save()
self.assertRaises(
self.model.DoesNotExist,
self.model.objects.get,
username=self.username)
self.assertFalse(username_exists(self.username))
self.assertTrue(username_exists(new_username))
# Cleanup
user.delete()
self.assertFalse(username_exists(new_username))
def test_save_update_email(self):
"""Updating email also edits LDAP entry's email attribute."""
new_email = 'new' + self.email
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
user = self.model.objects.get(username=self.username)
self.assertEqual(self.email, get_email(self.username))
# Rename
user.email = new_email
user.save()
self.assertEqual(new_email, get_email(self.username))
# Cleanup
user.delete()
self.assertFalse(username_exists(self.username))
def test_save_update_email(self):
"""Updating email also edits LDAP entry's email attribute."""
new_email = 'new' + self.email
self.assertIsNotNone(self.model.objects.create_user(
username=self.username,
email=self.email,
password=self.password,
first_name=self.first_name,
last_name=self.last_name))
user = self.model.objects.get(username=self.username)
self.assertEqual(self.email, get_email(self.username))
# Rename
user.email = new_email
user.save()
self.assertEqual(new_email, get_email(self.username))
# Cleanup
user.delete()
self.assertFalse(username_exists(self.username))
def verify_user_attributes_valid(self, is_superuser=False):
# Make sure it's saved
query = self.model.objects.filter(username=self.username)
self.assertEqual(1, query.count())
user = query[0]
# Attributes
self.assertEqual(user.get_username(), self.username)
self.assertEqual(user.email, self.email)
self.assertEqual(user.is_superuser, is_superuser)
self.assertEqual(user.first_name, self.first_name)
self.assertEqual(user.last_name, self.last_name)
# check_password and has_usable_password should work
self.assertFalse(get_user_model().has_usable_password(user))
self.assertTrue(user.has_usable_password())
self.assertTrue(user.check_password(self.password))
user.set_unusable_password()
self.assertFalse(user.has_usable_password())
# Verify LDAP utilities
self.assertTrue(username_exists(self.username))
self.assertTrue(delete_user(self.username))
def verify_user_attributes_valid(self, is_superuser=False):
# Make sure it's saved
query = self.model.objects.filter(username=self.username)
self.assertEqual(1, query.count())
user = query[0]
# Attributes
self.assertEqual(user.get_username(), self.username)
self.assertEqual(user.email, self.email)
self.assertEqual(user.is_superuser, is_superuser)
self.assertEqual(user.first_name, self.first_name)
self.assertEqual(user.last_name, self.last_name)
# check_password and has_usable_password should work
self.assertFalse(get_user_model().has_usable_password(user))
self.assertTrue(user.has_usable_password())
self.assertTrue(user.check_password(self.password))
user.set_unusable_password()
self.assertFalse(user.has_usable_password())
# Verify LDAP utilities
self.assertTrue(username_exists(self.username))
self.assertTrue(delete_user(self.username))
def test_username_exists(self):
"""Existing and non-existing users are identified correctly"""
# New testing user exists
self.assertTrue(utils.username_exists(self.user))
# www-data is a local user. It should not exist in TBP People group
self.assertFalse(utils.username_exists('www-data'))
def test_username_exists(self):
"""Existing and non-existing users are identified correctly"""
# New testing user exists
self.assertTrue(utils.username_exists(self.user))
# www-data is a local user. It should not exist in TBP People group
self.assertFalse(utils.username_exists('www-data'))
def test_create_existing_user(self):
"""Don't create new user if username already exists"""
self.assertTrue(utils.username_exists(self.user))
self.assertFalse(utils.create_user(self.user, self.password,
self.email,
self.first_name, self.last_name))
def tearDown(self):
if username_exists(self.username):
self.assertTrue(delete_user(self.username))
def test_create_existing_user(self):
"""Don't create new user if username already exists"""
self.assertTrue(utils.username_exists(self.user))
self.assertFalse(
utils.create_user(self.user, self.password, self.email,
self.first_name, self.last_name))
def tearDown(self):
if username_exists(self.username):
self.assertTrue(delete_user(self.username))
