def test_twofactor_required_with_flag(self): self.rp_config.flag_twofactor = 'FOO' request = RequestFactory().get('/') with switches(FOO=True): self.assertTrue(self.rp_config.twofactor_required(request)) with switches(FOO=False): self.assertFalse(self.rp_config.twofactor_required(request))
def test_allow_unverified_disabled_and_login_by_phone_enabled(self): email = self.account.emailaddress_set.get(email=self.email) email.status = EmailStatus.NEW email.save() # enable the LOGIN_BY_PHONE flag selective on team membership team_name = 'tomb-riders' key = 'LOGIN_BY_PHONE' field_name = 'team' value = team_name condition_set = ('identityprovider.gargoyle.LPTeamConditionSet(' 'lp_team)') self.conditionally_enable_flag(key, field_name, value, condition_set) # without proper team, authenticate_user will not succeed with switches(ALLOW_UNVERIFIED=False): self.assert_failed_login(AuthenticationError) # bind account with the team team = self.factory.make_team(name=team_name) self.factory.add_account_to_team(self.account, team) with switches(ALLOW_UNVERIFIED=False): result = authenticate_user(self.email, self.password) self.assertEqual(result, self.account)
def test_context_manager(self): switch = self.gargoyle['test'] switch.status = DISABLED with switches(self.gargoyle, test=True): self.assertTrue(self.gargoyle.is_active('test')) self.assertEquals(self.gargoyle['test'].status, DISABLED) switch.status = GLOBAL with switches(self.gargoyle, test=False): self.assertFalse(self.gargoyle.is_active('test')) self.assertEquals(self.gargoyle['test'].status, GLOBAL)
def setUp(self): super(SuspendUnverifiedAccountsTestCase, self).setUp() self.call_command = lambda: call_command(self.command_name) self.mock_send_warning = self._apply_patch( 'identityprovider.emailutils.send_action_required_warning') self.mock_send_notice = self._apply_patch( 'identityprovider.emailutils.send_action_applied_notice') self.mock_logger = self._apply_patch( 'identityprovider.management.commands.suspend_unverified_accounts.' 'logging') self.mock_now = self._apply_patch( 'identityprovider.management.commands.suspend_unverified_accounts.' 'datetime') self.mock_now.utcnow.return_value = self.now = datetime.utcnow() # enable ALLOW_UNVERIFIED p = switches(ALLOW_UNVERIFIED=True) p.patch() self.addCleanup(p.unpatch) new_settings = zip(self.new_settings, (self.action_after_days, self.warn_before_days)) p = patch_settings(**dict(new_settings)) p.start() self.addCleanup(p.stop)
def test_context_manager(self): switch = self.gargoyle['test'] switch.status = DISABLED with switches(self.gargoyle, test=True): assert self.gargoyle.is_active('test') assert self.gargoyle['test'].status == DISABLED switch.status = GLOBAL switch.save() with switches(self.gargoyle, test=False): assert not self.gargoyle.is_active('test') assert self.gargoyle['test'].status == GLOBAL
def setUp(self): super(TestPaperPrintingAndGenerating, self).setUp() switch = switches(PAPER_DEVICE=True) switch.patch() self.addCleanup(switch.unpatch) self.device = MagicMock(autospec=AuthenticationDevice) self.device.id = 1 self.device.key = 'some key' self.device.counter = 0 self.device.device_type = 'paper' mock_get = self._do_patch(MOD_PREFIX + '._get_device_or_404') mock_get.return_value = self.device self.mock_hotp = mock_hotp = self._do_patch(MOD_PREFIX + '.hotp') mock_hotp.side_effect = lambda k, i, t: self.letters[i] p = patch_settings(TWOFACTOR_PAPER_CODES=10) p.start() self.addCleanup(p.stop) self.mock_request = self._get_mock_request() self.mock_request.user = self.factory.make_account()
def test_context_manager(self): switch = self.gargoyle['test'] switch.status = DISABLED with switches(self.gargoyle, test=True): self.assertTrue(self.gargoyle.is_active('test')) self.assertEquals(self.gargoyle['test'].status, DISABLED) switch.status = GLOBAL switch.save() with switches(self.gargoyle, test=False): self.assertFalse(self.gargoyle.is_active('test')) self.assertEquals(self.gargoyle['test'].status, GLOBAL)
def test_context_manager(self): switch = self.gargoyle['test'] switch.status = DISABLED with switches(self.gargoyle, test=True): assert self.gargoyle.is_active('test') assert self.gargoyle['test'].status == DISABLED switch.status = GLOBAL switch.save() with switches(self.gargoyle, test=False): assert not self.gargoyle.is_active('test') assert self.gargoyle['test'].status == GLOBAL
def test_user_not_2f_but_not_required(self): OpenIDRPConfig.objects.create(trust_root=self.ACS_URL, flag_twofactor='SAML_TWOFACTOR') with switches(SAML_TWOFACTOR=False): response = self.client.get('/+saml', data=self.REQUEST_DATA) self.assertEqual(response.status_code, 302) self.assertTrue('/+saml/process' in response['Location'])
def setUp(self): super(DeviceTemplateTest, self).setUp() condition_set = 'identityprovider.gargoyle.LPTeamConditionSet(lp_team)' self.conditionally_enable_flag( 'PAPER_DEVICE', 'team', 'paperdeviceteam', condition_set) # enable TWOFACTOR flag twofactor_switch = switches(TWOFACTOR=True) twofactor_switch.patch() self.addCleanup(twofactor_switch.unpatch)
def test_user_not_2f_but_required(self): # make sure the rpconfig entry requires 2f OpenIDRPConfig.objects.create(trust_root=self.ACS_URL, flag_twofactor='SAML_TWOFACTOR') with switches(SAML_TWOFACTOR=True): response = self.client.get('/+saml', data=self.REQUEST_DATA, follow=True) # make sure the last redirect was for twofactor self.assertIn('/two_factor_auth', response.redirect_chain[-1][0])
def assert_device_types(self, paper_flag, expected_types): request = self._get_mock_request() with switches(PAPER_DEVICE=paper_flag): response = device_addition(request) tree = PyQuery(response.content) type_nodes = tree.find('input[type="radio"]') # Note: can't just use node.value as it is None for unset radios self.assertEqual([dict(node.items())['value'] for node in type_nodes], expected_types)
def test_register_captcha_required(self, mock_captcha): captcha_data = {'captcha_id': 999, 'image_url': 'somewhere'} del self.data['captcha_id'] del self.data['captcha_solution'] mock_captcha.new.return_value.serialize.return_value = captcha_data with switches(CAPTCHA=True): response, json_body = call( self.handler.create, self.url, self.data) self.assertEqual(response.status_code, 401) self.assertEqual(json_body['code'], "CAPTCHA_REQUIRED") self.assertIn('A captcha challenge is required', json_body['message']) self.assertFalse(self.mock_register.called) self.assertEqual(json_body['extra'], captcha_data)
def setUp(self): super(InvalidateEmailTestCase, self).setUp() # email invalidation makes sense only when ALLOW_UNVERIFIED is enabled switch = switches(ALLOW_UNVERIFIED=True) switch.patch() self.addCleanup(switch.unpatch) p = mock.patch('webui.views.account.logger') self.mock_logger = p.start() self.addCleanup(p.stop) self.account = self.factory.make_account( email=self.email, email_validated=False, password_encrypted=False, password=DEFAULT_USER_PASSWORD, ) self.emailaddress = self.account.emailaddress_set.get() assert self.emailaddress.status == EmailStatus.NEW self.authtoken = AuthToken.objects.create( email=self.email, token=self.token, token_type=TokenType.INVALIDATEEMAIL)
def setUp(self): super(DeviceViewsTestCaseBase, self).setUp() self.account = account = self.factory.make_account() self.device = self.factory.make_device(account, name='foo') self.client.login(username=account.preferredemail.email, password=DEFAULT_USER_PASSWORD) self.patch_is_upgraded = mock.patch( 'identityprovider.models.twofactor.is_upgraded') self.patch_is_fresh = mock.patch( 'identityprovider.models.twofactor.is_fresh') self.mock_is_upgraded = self.patch_is_upgraded.start() self.mock_is_upgraded.return_value = True self.mock_is_fresh = self.patch_is_fresh.start() self.mock_is_fresh.return_value = True self.addCleanup(self.patch_is_upgraded.stop) self.addCleanup(self.patch_is_fresh.stop) self.switch_twofactor = switches(TWOFACTOR=True) self.switch_twofactor.patch() self.addCleanup(self.switch_twofactor.unpatch)
def setUp(self): super(AccountEditTestCase, self).setUp() if self.twofactor_enabled is not None: self.switch = switches(TWOFACTOR=self.twofactor_enabled) self.switch.patch() self.addCleanup(self.switch.unpatch) self.account.twofactor_required = self.user_wants_twofactor self.account.warn_about_backup_device = self.user_wants_warn self.account.save() for i in xrange(self.devices_count): self.factory.make_device(account=self.account) assert self.account.devices.count() == self.devices_count if self.devices_count > 0 and self.paper_device_exhausted: counter = (settings.TWOFACTOR_PAPER_CODES - settings.TWOFACTOR_PAPER_CODES_WARN_RENEWAL + 1) device = self.account.devices.all()[0] device.counter = counter device.device_type = 'paper' device.save()
def setUp(self): super(TwoFactorMixin, self).setUp() self.switch = switches(TWOFACTOR=True) self.switch.patch() self.addCleanup(self.switch.unpatch)
def enable_flag(self): # enable LOGIN_BY_PHONE globally switcher = switches(LOGIN_BY_PHONE=True) switcher.patch() self.addCleanup(switcher.unpatch)
def enable_flag(self): switcher = switches(ALLOW_UNVERIFIED=True) switcher.patch() self.addCleanup(switcher.unpatch)
def setUp(self): super(RegisterMessagesTestCase, self).setUp() switch = switches(ALLOW_UNVERIFIED=True) switch.patch() self.addCleanup(switch.unpatch)
def setUp(self): super(VerifyEmailWarningTestCase, self).setUp() self.switch = switches(ALLOW_UNVERIFIED=True) self.switch.patch() self.addCleanup(self.switch.unpatch)
def test_includes_create_account_form_for_u1_brand(self): with mock.patch.multiple(settings, BRAND='ubuntu'): with switches(BRAND_UBUNTUONE=True): r = self.client.get(reverse('account-index')) self.assertIn('create_account_form', r.context)
def test_new_email_not_allowed(self): email = self.account.emailaddress_set.get(email=self.email) email.status = EmailStatus.NEW email.save() with switches(ALLOW_UNVERIFIED=False, LOGIN_BY_PHONE=False): self.assert_failed_login(AuthenticationError)
def render_u1_login_with_rpconfig(self, rpconfig): with switches(BRAND_UBUNTUONE=True): return render_to_string( 'registration/login.html', dict(rpconfig=rpconfig, brand_description="Ubuntu One"))