def test_invalid_rename_user_with_save(self): """Renaming to invalid username raises ValidationError.""" new_username = '******' % self.username self.assertIsNotNone(self.model.objects.create_user( username=self.username, email=self.email, password=self.password, first_name=self.first_name, last_name=self.last_name)) user = self.model.objects.get(username=self.username) self.assertTrue(username_exists(self.username)) self.assertFalse(username_exists(new_username)) # Rename user.username = new_username self.assertRaises(ValidationError, user.save) # Nothing changed self.assertRaises( self.model.DoesNotExist, self.model.objects.get, username=new_username) self.assertTrue(username_exists(self.username)) self.assertFalse(username_exists(new_username)) # Cleanup user.username = self.username user.delete() self.assertFalse(username_exists(self.username))
def test_create_new_user(self): """Can properly create new user""" self.assertFalse(utils.username_exists(self.new_user)) self.assertTrue( utils.create_user(self.new_user, self.password, self.email, self.first_name, self.last_name)) self.assertTrue(utils.username_exists(self.new_user)) utils.delete_user(self.new_user) self.assertFalse(utils.username_exists(self.new_user))
def test_create_new_user(self): """Can properly create new user""" self.assertFalse(utils.username_exists(self.new_user)) self.assertTrue(utils.create_user(self.new_user, self.password, self.email, self.first_name, self.last_name)) self.assertTrue(utils.username_exists(self.new_user)) utils.delete_user(self.new_user) self.assertFalse(utils.username_exists(self.new_user))
def test_delete_user(self): """Deleting user also deletes ldap entry.""" self.assertIsNotNone(self.model.objects.create_user( username=self.username, email=self.email, password=self.password, first_name=self.first_name, last_name=self.last_name)) user = self.model.objects.get(username=self.username) self.assertTrue(username_exists(self.username)) user.delete() self.assertFalse(username_exists(self.username))
def tearDown(self): if utils.username_exists(self.user): utils.delete_user(self.user) if utils.username_exists(self.new_user): utils.delete_user(self.new_user) # Remove groups: utils.delete_group(self.group_of_names) self.assertFalse(utils.group_exists(self.group_of_names)) utils.delete_group(self.posix_group) self.assertFalse(utils.group_exists(self.posix_group)) utils.delete_group(self.super_group) self.assertFalse(utils.group_exists(self.super_group))
def test_create_incomplete_user(self): """Creating an LDAP user with incomplete information should raise a ValidationError. """ if username_exists(self.username): self.assertTrue(delete_user(self.username)) # Lacking first_name, last_name user = self.model( username=self.username, email=self.email, password=self.password) self.assertRaises(ValidationError, user.save) self.assertFalse( self.model.objects.filter(username=self.username).exists()) self.assertFalse(username_exists(self.username))
def clean_username(self): username = super(UserCreationForm, self).clean_username() if USE_LDAP and ldap_utils.username_exists(username): raise forms.ValidationError( self.error_messages['duplicate_username'], code='duplicate_username', ) return username
def test_rename_user(self): """Checks rename_user handles bad username properly and only renames successfully if new username is valid""" invalid_name = (False, 'Invalid username. %s' % (settings.USERNAME_HELPTEXT)) correct = (True, 'User %s renamed to %s' % (self.user, self.new_user)) self.assertTrue(utils.username_exists(self.user)) # This is a bad username because underscores are not allowed self.assertEqual(utils.rename_user(self.user, 'bad_username'), invalid_name) # Nothing is changed self.assertTrue(utils.username_exists(self.user)) # Actual renaming self.assertEqual(utils.rename_user(self.user, self.new_user), correct) # Model has not been updated yet, but LDAP has been self.assertFalse(utils.username_exists(self.user)) self.assertTrue(utils.username_exists(self.new_user))
def test_rename_user(self): """Checks rename_user handles bad username properly and only renames successfully if new username is valid""" invalid_name = (False, 'Invalid username. %s' % ( settings.USERNAME_HELPTEXT)) correct = (True, 'User %s renamed to %s' % (self.user, self.new_user)) self.assertTrue(utils.username_exists(self.user)) # This is a bad username because underscores are not allowed self.assertEqual(utils.rename_user(self.user, 'bad_username'), invalid_name) # Nothing is changed self.assertTrue(utils.username_exists(self.user)) # Actual renaming self.assertEqual(utils.rename_user(self.user, self.new_user), correct) # Model has not been updated yet, but LDAP has been self.assertFalse(utils.username_exists(self.user)) self.assertTrue(utils.username_exists(self.new_user))
def save(self, *args, **kwargs): """Only save the instance if user exists in LDAP. Allows renaming username, but does not update other LDAP entry attributes (yet).""" new_username = self.get_username() # Password can be None or '' for unusuable password if (not new_username or not self.email or not self.first_name or not self.last_name): raise ValidationError('Users must have username, email, ' 'first name and last name') try: old_user = LDAPUser.objects.get(pk=self.pk) old_username = old_user.get_username() renaming_user = old_username != new_username updating_email = old_user.email != self.email except LDAPUser.DoesNotExist: renaming_user = False updating_email = False # Update username if renaming_user: success, reason = ldap_utils.rename_user( old_username, new_username) if not success: raise ValidationError( 'Encountered error while renaming username from {old} ' 'to {new}. Reason: {reason}'.format( old=old_username, new=new_username, reason=reason)) elif not ldap_utils.username_exists(new_username): if ldap_utils.create_user(new_username, self.password, self.email, self.first_name, self.last_name): # Successfully created LDAP entry for new user # Set an unusable password for the Django DB instance super(LDAPUser, self).set_unusable_password() else: # Failed to create user some how. raise ValidationError( 'Error creating new LDAP entry for {name} with username ' '"{username}"'.format( name=self.get_full_name(), username=new_username)) # Update email # New username should exist by now after rename. if (updating_email and not ldap_utils.set_email(new_username, self.email)): raise ValidationError( 'Encountered error while updating user email to {new}'.format( new=self.email)) # TODO(flieee): update LDAP other entry attributes (i.e. name) too? super(LDAPUser, self).save(*args, **kwargs)
def test_direct_create_user(self): """Creating an LDAP user directly via model instantiation.""" if username_exists(self.username): self.assertTrue(delete_user(self.username)) user = self.model( username=self.username, email=self.email, password=self.password, first_name=self.first_name, last_name=self.last_name) user.save() self.verify_user_attributes_valid()
def save(self, *args, **kwargs): """Only save the instance if user exists in LDAP. Allows renaming username, but does not update other LDAP entry attributes (yet).""" new_username = self.get_username() # Password can be None or '' for unusuable password if (not new_username or not self.email or not self.first_name or not self.last_name): raise ValidationError('Users must have username, email, ' 'first name and last name') try: old_user = LDAPUser.objects.get(pk=self.pk) old_username = old_user.get_username() renaming_user = old_username != new_username updating_email = old_user.email != self.email except LDAPUser.DoesNotExist: renaming_user = False updating_email = False # Update username if renaming_user: success, reason = ldap_utils.rename_user(old_username, new_username) if not success: raise ValidationError( 'Encountered error while renaming username from {old} ' 'to {new}. Reason: {reason}'.format(old=old_username, new=new_username, reason=reason)) elif not ldap_utils.username_exists(new_username): if ldap_utils.create_user(new_username, self.password, self.email, self.first_name, self.last_name): # Successfully created LDAP entry for new user # Set an unusable password for the Django DB instance super(LDAPUser, self).set_unusable_password() else: # Failed to create user some how. raise ValidationError( 'Error creating new LDAP entry for {name} with username ' '"{username}"'.format(name=self.get_full_name(), username=new_username)) # Update email # New username should exist by now after rename. if (updating_email and not ldap_utils.set_email(new_username, self.email)): raise ValidationError( 'Encountered error while updating user email to {new}'.format( new=self.email)) # TODO(flieee): update LDAP other entry attributes (i.e. name) too? super(LDAPUser, self).save(*args, **kwargs)
def test_rename_user_with_save(self): """Renaming an LDAP user's username also renames the LDAP entry.""" new_username = self.username + 'r2' self.assertIsNotNone(self.model.objects.create_user( username=self.username, email=self.email, password=self.password, first_name=self.first_name, last_name=self.last_name)) user = self.model.objects.get(username=self.username) self.assertTrue(username_exists(self.username)) self.assertFalse(username_exists(new_username)) # Rename user.username = new_username user.save() self.assertRaises( self.model.DoesNotExist, self.model.objects.get, username=self.username) self.assertFalse(username_exists(self.username)) self.assertTrue(username_exists(new_username)) # Cleanup user.delete() self.assertFalse(username_exists(new_username))
def test_create_user(self): """Test creating a user.""" if username_exists(self.username): self.assertTrue(delete_user(self.username)) self.assertFalse( self.model.objects.filter(username=self.username).exists()) self.assertIsNotNone(self.model.objects.create_user( username=self.username, email=self.email, password=self.password, first_name=self.first_name, last_name=self.last_name)) self.verify_user_attributes_valid()
def test_save_update_email(self): """Updating email also edits LDAP entry's email attribute.""" new_email = 'new' + self.email self.assertIsNotNone(self.model.objects.create_user( username=self.username, email=self.email, password=self.password, first_name=self.first_name, last_name=self.last_name)) user = self.model.objects.get(username=self.username) self.assertEqual(self.email, get_email(self.username)) # Rename user.email = new_email user.save() self.assertEqual(new_email, get_email(self.username)) # Cleanup user.delete() self.assertFalse(username_exists(self.username))
def verify_user_attributes_valid(self, is_superuser=False): # Make sure it's saved query = self.model.objects.filter(username=self.username) self.assertEqual(1, query.count()) user = query[0] # Attributes self.assertEqual(user.get_username(), self.username) self.assertEqual(user.email, self.email) self.assertEqual(user.is_superuser, is_superuser) self.assertEqual(user.first_name, self.first_name) self.assertEqual(user.last_name, self.last_name) # check_password and has_usable_password should work self.assertFalse(get_user_model().has_usable_password(user)) self.assertTrue(user.has_usable_password()) self.assertTrue(user.check_password(self.password)) user.set_unusable_password() self.assertFalse(user.has_usable_password()) # Verify LDAP utilities self.assertTrue(username_exists(self.username)) self.assertTrue(delete_user(self.username))
def test_username_exists(self): """Existing and non-existing users are identified correctly""" # New testing user exists self.assertTrue(utils.username_exists(self.user)) # www-data is a local user. It should not exist in TBP People group self.assertFalse(utils.username_exists('www-data'))
def test_create_existing_user(self): """Don't create new user if username already exists""" self.assertTrue(utils.username_exists(self.user)) self.assertFalse(utils.create_user(self.user, self.password, self.email, self.first_name, self.last_name))
def tearDown(self): if username_exists(self.username): self.assertTrue(delete_user(self.username))
def test_create_existing_user(self): """Don't create new user if username already exists""" self.assertTrue(utils.username_exists(self.user)) self.assertFalse( utils.create_user(self.user, self.password, self.email, self.first_name, self.last_name))