def test_add_user_no_pass(self): resp = self.post('/users/', {'user': username1, }) self.assertEqual(resp.status_code, http_client.CREATED) self.assertEqual(self.get_usernames(), [username1]) self.assertFalsePassword(username1, '') self.assertFalsePassword(username1, password1) self.assertFalsePassword(username1, password2) self.assertProperties(user_backend.get(username1), {}) resp = self.post('/users/', {'user': username2, 'password': '', }) self.assertEqual(resp.status_code, http_client.CREATED) self.assertEqual(self.get_usernames(), [username1, username2]) user = user_backend.get(username2) self.assertFalsePassword(username2, '') self.assertFalsePassword(username2, password1) self.assertFalsePassword(username2, password2) self.assertProperties(user, {}) resp = self.post('/users/', {'user': username3, 'password': None, }) self.assertEqual(resp.status_code, http_client.CREATED) self.assertItemsEqual(self.get_usernames(), [username1, username2, username3]) user = user_backend.get(username3) self.assertFalsePassword(username3, '') self.assertFalsePassword(username3, password1) self.assertFalsePassword(username3, password2) self.assertProperties(user, {})
def test_existing_properties(self): user = user_backend.create(username2, property_backend=property_backend) property_backend.create(user, propkey1, propval3) # propval1 is in json file path = os.path.join(self.base, 'users1.json') with capture() as (stdout, stderr): cmd = [path] restauth_import(cmd) self.assertItemsEqual(user_backend.list(), [username1, username2, username3]) user = user_backend.get(username2) pattern = '^%s: Property "%s" already exists\.$' % (username2, propkey1) self.assertHasLine(stdout, pattern) self.assertHasLine(stdout, '^%s: Property "date joined" already exists\.$' % username2) expected_props = { propkey1: propval3, # propva1 is in json-file - we don't overwrite! propkey2: propval2, u'last login': u'2013-12-01 19:27:44', # date from json file } props = property_backend.list(user) # delete 'date joined' prop because it was created by the user_backend and # restauth-import doesn't overwrite in this invocation: del props['date joined'] self.assertEqual(props, expected_props)
def test_add_user_with_property(self): resp = self.post('/users/', {'user': username1, 'properties': {propkey1: propval1, }, }) self.assertEqual(resp.status_code, http_client.CREATED) self.assertEqual(self.get_usernames(), [username1]) user = user_backend.get(username1) self.assertProperties(user, {propkey1: propval1, })
def test_add_user(self): resp = self.post('/users/', {'user': username1, 'password': password1, }) self.assertEqual(resp.status_code, http_client.CREATED) self.assertEqual(self.get_usernames(), [username1]) self.assertPassword(username1, password1) user = user_backend.get(username1) self.assertProperties(user, {})
def test_add_two_users(self): resp = self.post('/users/', {'user': username1, 'password': password1, }) self.assertEqual(resp.status_code, http_client.CREATED) self.assertEqual(self.get_usernames(), [username1]) self.assertPassword(username1, password1) self.assertFalsePassword(username1, password2) user1 = user_backend.get(username1) self.assertProperties(user1, {}) resp = self.post('/users/', {'user': username2, 'password': password2, }) self.assertEqual(resp.status_code, http_client.CREATED) self.assertEqual(self.get_usernames(), [username1, username2]) user2 = user_backend.get(username2) self.assertProperties(user2, {}) self.assertPassword(username1, password1) self.assertFalsePassword(username1, password2) self.assertPassword(username2, password2) self.assertFalsePassword(username2, password1)
def test_update_password_hash(self): """Test if checking the password with an old hash automatically updates the hash.""" hashers = ('django.contrib.auth.hashers.PBKDF2PasswordHasher', PASSWORD_HASHERS[0], ) with self.settings(PASSWORD_HASHERS=hashers): load_hashers() resp = self.post('/users/%s/' % username1, {'password': password1, }) self.assertEqual(resp.status_code, http_client.NO_CONTENT) u = user_backend.get(username=username1) self.assertTrue(u.password.startswith('pbkdf2_sha256$'))
def test_add_user_twice(self): self.assertEqual(self.get_usernames(), []) resp = self.post('/users/', {'user': username1, 'password': password1, }) self.assertEqual(resp.status_code, http_client.CREATED) self.assertEqual(self.get_usernames(), [username1]) user = user_backend.get(username1) self.assertProperties(user, {}) self.assertPassword(username1, password1) self.assertFalsePassword(username1, password2) # add again: resp = self.post('/users/', {'user': username1, 'password': password2, }) self.assertEqual(resp.status_code, http_client.CONFLICT) self.assertEqual(self.get_usernames(), [username1]) # check that we still have the old password and properties: self.assertPassword(username1, password1) self.assertFalsePassword(username1, password2)
def test_backend(self): # test password during creation: for password, data in six.iteritems(self.testdata): user = user_backend.create(username=username1, password=password, property_backend=property_backend) self.assertTrue(user.password.startswith('%s$' % self.algorithm)) self.assertTrue(user_backend.check_password(username1, password)) user_backend.remove(username=username1) # test password for set_password: for password, data in six.iteritems(self.testdata): user = user_backend.create(username=username1, property_backend=property_backend) user_backend.set_password(username=username1, password=password) self.assertTrue(user_backend.check_password(username1, password)) self.assertTrue(user_backend.check_password(username1, password)) user = user_backend.get(username1) self.assertTrue(user.password.startswith('%s$' % self.algorithm)) self.assertTrue(check_password(password, user.password)) user_backend.remove(username=username1)
def test_users(self, overwrite=False): path = os.path.join(self.base, 'users1.json') with capture() as (stdout, stderr): cmd = [path] if overwrite: cmd = ['--overwrite-properties', path] with override_settings(PASSWORD_HASHERS=PASSWORD_HASHERS): restauth_import(cmd) self.assertHasLine(stdout, '^\* %s: Set hash from input data\.$' % username3) self.assertTrue(user_backend.check_password(username3, 'foobar')) self.assertItemsEqual(user_backend.list(), [username1, username2, username3]) user = user_backend.get(username2) props = { propkey1: propval1, propkey2: propval2, # timestamps of when we wrote this test: # u'date joined': u'2013-12-01 19:27:50', u'last login': u'2013-12-01 19:27:44', } self.assertProperties(user, props)
def test_add_user_with_date_joined(self): props = {propkey1: propval1, 'date joined': datetime.now().strftime("%Y-%m-%d %H:%M:%S")} resp = self.post('/users/', {'user': username1, 'properties': props, }) self.assertEqual(resp.status_code, http_client.CREATED) user = user_backend.get(username1) self.assertEqual(property_backend.list(user), props)
def test_add_user_with_properties(self): props = {propkey1: propval1, propkey2: propval2, } resp = self.post('/users/', {'user': username1, 'properties': props, }) self.assertEqual(resp.status_code, http_client.CREATED) self.assertProperties(user_backend.get(username1), props)