def testGetUsers(self): userids = sortTuple(self.portal.acl_users.pmm.getUserIds()) correct = sortTuple( (IMembraneUserAuth(self.member).getUserId(), IMembraneUserAuth(self.member2).getUserId()) ) self.failUnlessEqual(userids, correct)
def authenticateCredentials(self, credentials): """ See IAuthenticationPlugin. o We expect the credentials to be those returned by ILoginPasswordExtractionPlugin. """ login = credentials.get('login') password = credentials.get('password') if login is None or password is None: return None # We can't depend on security when authenticating the user, # or we'll get stuck in loops mbtool = getToolByName(self, TOOLNAME) member = mbtool.getUserAuthProvider(login) if member is None: return None # Check workflow state is active wftool = getToolByName(self, 'portal_workflow') review_state = wftool.getInfoFor(member, 'review_state') wfmapper = ICategoryMapper(mbtool) cat_set = generateCategorySetIdForType(member.portal_type) if not wfmapper.isInCategory(cat_set, ACTIVE_STATUS_CATEGORY, review_state): return None # Delegate to member object member = IMembraneUserAuth(member) return member.authenticateCredentials(credentials)
def testAuthenticateOnMember(self): credentials = {'login': '******', 'password': '******'} userauth = IMembraneUserAuth(self.member) authcred = userauth.authenticateCredentials self.failUnlessEqual(authcred(credentials), None) credentials = {'login': '******', 'password': '******'} self.failUnlessEqual(authcred(credentials), None) credentials = {'login': '******', 'password': '******'} self.failUnlessEqual(authcred(credentials), (userauth.getUserId(), self.member.getUserName()))
def authenticate_token(context, token): try: (login, hash) = token.split('-') except ValueError: return None user = _get_user(context, login) if user is None or generate_token(user) != token: return None else: auth = IMembraneUserAuth(user, None) return (auth.getUserId(), auth.getUserName())
def authenticate_cms_token(context, token): try: (login, hash) = token.split("-") except ValueError: return None user = _get_user(context, login) if user is None or generate_token(user) != token: return None else: auth = IMembraneUserAuth(user, None) return (auth.getUserId(), auth.getUserName())
def test_legacy_password_authentication(self): from Products.membrane.interfaces import IMembraneUserAuth member = self._createType(self.layer['portal'], 'dexterity.membrane.member', 'joe') member.email = '*****@*****.**' self._legacy_set_password(member, b'foobar') pw_auth = IMembraneUserAuth(member) self.assertTrue( pw_auth.verifyCredentials( dict(login=u'*****@*****.**', password='******', confirm_password='******')))
def authenticate_credentials(context, login, password): user = _get_user(context, login) if user is None or user.locked: return None # We could check user.password directly, but lets defer to the membrane # auth framework so the password checking code is all in one place. auth = IMembraneUserAuth(user, None) info = auth.authenticateCredentials({'login': login, 'password': password}) if info is None: return None else: return user
def testUserChangePassword(self): usermanager = IMembraneUserManagement(self.member) userauth = IMembraneUserAuth(self.member) authcred = userauth.authenticateCredentials # Verify the current credentials credentials = {'login': '******', 'password': '******'} self.failUnlessEqual(authcred(credentials), (userauth.getUserId(), self.member.getUserName())) usermanager.doChangeUser('testuser', 'pass2') credentials = {'login': '******', 'password': '******'} self.failUnlessEqual(authcred(credentials), (userauth.getUserId(), self.member.getUserName()))
def testChangePassword(self): pmm = self.portal.acl_users.pmm userauth = IMembraneUserAuth(self.member) authcred = pmm.authenticateCredentials # Verify the current credentials credentials = {'login': '******', 'password': '******'} self.failUnlessEqual(authcred(credentials), (userauth.getUserId(), self.member.getUserName())) pmm.doChangeUser('testuser', 'pass2') credentials = {'login': '******', 'password': '******'} self.failUnlessEqual(authcred(credentials), (userauth.getUserId(), self.member.getUserName()))
def authenticate_credentials(context, login, password): user = _get_user(context, login) if user is None or user.locked: return None # We could check user.password directly, but lets defer to the membrane # auth framework so the password checking code is all in one place. auth = IMembraneUserAuth(user, None) info = auth.authenticateCredentials( {'login': login, 'password': password}) if info is None: return None else: return user
def testLoginCaseSensitive(self): member2 = _createObjectByType('TestMember', self.portal, 'TestUser') # different case member2.setUserName('TestUser') member2.setPassword('testpassword2') member2.reindexObject() authcred = self.portal.acl_users.pmm.authenticateCredentials credentials = {'login': '******', 'password': '******'} self.failUnlessEqual(authcred(credentials), (IMembraneUserAuth( self.member).getUserId(), self.member.getUserName())) credentials = {'login': '******', 'password': '******'} self.failUnlessEqual( authcred(credentials), (IMembraneUserAuth(member2).getUserId(), member2.getUserName()))
def test_legacy_password_authentication(self): from Products.membrane.interfaces import IMembraneUserAuth member = self._createType( self.layer['portal'], 'dexterity.membrane.member', 'joe', ) member.email = '*****@*****.**' self._legacy_set_password(member, b'foobar') pw_auth = IMembraneUserAuth(member) self.assertTrue( pw_auth.verifyCredentials(dict(login=u'*****@*****.**', password='******', confirm_password='******',)) )
def testGetPropertiesFromExternalProvider(self): wrongvalue = 'foo' rightvalue = 'bar' mbtool = getattr(self.portal, TOOLNAME) self._initExternalProvider(mbtool, TestAlternatePropertyProvider.portal_type) self.prop_provider.setExtraProperty(wrongvalue) self.prop_provider.setExtraPropertyFromSchemata(rightvalue) self.member.addReference(self.prop_provider, relationship=UserRelatedRelation.relationship) self.prop_provider.reindexObject() userid = IMembraneUserAuth(self.member).getUserId() user = self.portal.acl_users.getUserById(userid) sheets = user.getOrderedPropertySheets() self.failUnless([ x.getProperty('extraPropertyFromSchemata') for x in sheets if x.getProperty('extraPropertyFromSchemata') == rightvalue ]) mtool = self.portal.portal_membership member = mtool.getMemberById(userid) self.failUnlessEqual(member.getProperty('extraPropertyFromSchemata'), rightvalue) self.failIf(member.hasProperty('extraProperty'))
def testEnumerateUsersExactMatchCaseInsensitive(self): enumusers = self.portal.acl_users.pmm.enumerateUsers member1 = _createObjectByType('TestMember', self.portal, 'Ann') member1.setUserName('Ann') member1.setPassword('password') member1.reindexObject() member1_id = IMembraneUserAuth(member1).getUserId() member2 = _createObjectByType('TestMember', self.portal, 'ann') member2.setUserName('ann') member2.setPassword('password') member2.reindexObject() member2_id = IMembraneUserAuth(member2).getUserId() queryMember1 = enumusers(id=member1_id, exact_match=True)[0] self.failUnlessEqual(queryMember1['id'], member1.getUserName()) queryMember2 = enumusers(id=member2_id, exact_match=True)[0] self.failUnlessEqual(queryMember2['id'], member2.getUserName())
def testGetPropertiesForUser(self): userid = IMembraneUserAuth(self.member).getUserId() user = self.portal.acl_users.getUserById(userid) sheets = user.getOrderedPropertySheets() self.failUnless([x.getProperty('homePhone') for x in sheets if x.getProperty('homePhone') == '555-1212']) member = self.portal.portal_membership.getMemberById(userid) self.failUnlessEqual(member.getProperty('homePhone'), '555-1212')
def testSetPropertiesForUser(self): homePhone = 'phome hone"' userid = IMembraneUserAuth(self.member).getUserId() user = self.portal.acl_users.getUserById(userid) sheets = user.getOrderedPropertySheets() sheets[0].setProperty(user, 'homePhone', homePhone) mbtool = getattr(self.portal, TOOLNAME) member = mbtool.getUserObject(user.getUserName()) self.assertEqual(member.getHomePhone(), homePhone)
def testGetPropertiesForUser(self): userid = IMembraneUserAuth(self.member).getUserId() user = self.portal.acl_users.getUserById(userid) sheets = user.getOrderedPropertySheets() self.failUnless([x.getProperty('fullname') for x in sheets if x.getProperty('fullname') == 'full name']) mtool = self.portal.portal_membership member = mtool.getMemberById(userid) self.failUnlessEqual(member.getProperty('fullname'), 'full name') self.failUnlessEqual(member.getProperty('ext_editor'), False)
def testAuthenticate(self): credentials = {'login': '******', 'password': '******'} authcred = self.portal.acl_users.pmm.authenticateCredentials self.failUnlessEqual(authcred(credentials), None) credentials = {'login': '******', 'password': '******'} self.failUnlessEqual(authcred(credentials), None) credentials = {'login': '******', 'password': '******'} right = (IMembraneUserAuth(self.member).getUserId(), self.member.getUserName()) self.failUnlessEqual(authcred(credentials), right)
def testSetPropertiesForUser(self): fullname = 'null fame' userid = IMembraneUserAuth(self.member).getUserId() user = self.portal.acl_users.getUserById(userid) sheets = user.getOrderedPropertySheets() sheets[0].setProperty(user, 'fullname', fullname) sheets[0].setProperty(user, 'ext_editor', True) mbtool = getattr(self.portal, TOOLNAME) member = mbtool.getUserObject(user.getUserName()) self.assertEqual(member.Title(), fullname) self.assertEqual(member.getEditor(), True)
def test_password_is_kept(self): view = CSVImportView(self.profiles, self.request) # if no password is provided in the import file, one get's generated user_fields_file_loc = self._get_fixture_location('basic_users.csv') with open(user_fields_file_loc) as bf: filedata = self._parse_file(bf.read()) view.create_update_users(filedata) barry = pi_api.userprofile.get('foo') doug = pi_api.userprofile.get('bar') barry_pwd = barry.password doug_pwd = doug.password # both got encrypted passwords self.assertTrue(barry_pwd.startswith('{BCRYPT}')) self.assertTrue(doug_pwd.startswith('{BCRYPT}')) # doug got the password provided in the import file self.assertTrue( IMembraneUserAuth(doug).verifyCredentials( dict(login='******', password='******'))) # now re-import the same users but provide a new password for barry user_fields_file_loc = self._get_fixture_location( 'basic_users_password.csv') with open(user_fields_file_loc) as bf: filedata = self._parse_file(bf.read()) view.create_update_users(filedata, update=True) # barry should get a new password self.assertNotEqual(barry_pwd, barry.password) self.assertTrue( IMembraneUserAuth(barry).verifyCredentials( dict(login='******', password='******'))) # doug's password should still be the same self.assertEqual(doug_pwd, doug.password) # both got new surnames: self.assertEqual(barry.last_name, u'Whiter') self.assertEqual(doug.last_name, u'Carsbest')
def testEnumerateUsersByUserId(self): userid = IMembraneUserAuth(self.member).getUserId() enumusers = self.portal.acl_users.pmm.enumerateUsers self.failUnlessEqual(len(enumusers(id=userid, exact_match=True)), 1) self.failUnlessEqual(len(enumusers(id=userid[:len(userid) - 1], exact_match=False)), 1) self.failUnlessEqual(len(enumusers( id=userid, exact_match=True, sort_on='login')), 1) self.failUnlessEqual(len(enumusers(id=userid, exact_match=True, sort_on='id')), 1) self.failUnlessEqual(len(enumusers( id=userid, exact_match=True, max_results=1)), 1) self.failUnlessEqual(len(enumusers( id=userid, exact_match=True, max_results=0)), 0)
def testGroupMembership(self): group = self.portal.testgroup member = group.testuser # We need acquisition to be correct mem_auth = IMembraneUserAuth(member) mem_grps = IMembraneUserGroups(member) member2 = self.member2 mem2_auth = IMembraneUserAuth(member2) mem2_grps = IMembraneUserGroups(member2) self.failUnlessEqual(group.getGroupMembers(), (mem_auth.getUserId(),)) self.failUnlessEqual(mem_grps.getGroupsForPrincipal(mem_grps), (group.getId(),)) self.group.setMembers([member2.UID()]) self.failUnlessEqual(sortTuple(group.getGroupMembers()), sortTuple([mem2_auth.getUserId(), mem_auth.getUserId()])) self.failUnlessEqual( mem2_grps.getGroupsForPrincipal(mem2_grps), (group.getId(),))
def testFullnameMemberSearch(self): uf = self.portal.acl_users mems = uf.searchUsers(fullname=self.member.Title()) user_auth = IMembraneUserAuth(self.member) self.failUnless(len(mems) == 1 and mems[0]["userid"] == user_auth.getUserId())
def testSimpleMemberSearch(self): uf = self.portal.acl_users mems = uf.searchUsers(login=self.member.getUserName()) user_auth = IMembraneUserAuth(self.member) self.failUnless(len(mems) == 1 and mems[0]["userid"] == user_auth.getUserId())
def testSimpleMemberSearch(self): mtool = self.portal.portal_membership mems = mtool.searchForMembers(login=self.member.getUserName()) user_auth = IMembraneUserAuth(self.member) self.failUnless(len(mems) == 1 and mems[0] == mtool.getMemberById(user_auth.getUserId()))
def testSimpleMemberSearch(self): uf = self.portal.acl_users mems = uf.searchUsers(login=self.member.getUserName()) user_auth = IMembraneUserAuth(self.member) self.failUnless( len(mems) == 1 and mems[0]['userid'] == user_auth.getUserId())
def testGetUsersOneUser(self): users = self.portal.acl_users.pmm.getUsers() self.failUnlessEqual([x.getId() for x in users], [IMembraneUserAuth(self.member).getUserId()])
def testGetUserIdsOneUser(self): self.failUnlessEqual(self.portal.acl_users.pmm.getUserIds(), (IMembraneUserAuth(self.member).getUserId(),))
def testLogin(self): logout() login(self.portal, IMembraneUserAuth(self.member).getUserId())
def testFullnameMemberSearch(self): uf = self.portal.acl_users mems = uf.searchUsers(fullname=self.member.Title()) user_auth = IMembraneUserAuth(self.member) self.failUnless( len(mems) == 1 and mems[0]['userid'] == user_auth.getUserId())
def getId(self): return IMembraneUserAuth(self.member).getUserId()