class UserManagerLdapNoPasswordChangeTest(unittest.TestCase): basedn = ('dc=nodomain', { 'dc': ['nodomain'], 'o': ['nodomain']}) people = ('ou=People,dc=nodomain', { 'ou': ['People'], 'objectClass': ['organizationalUnit']}) # This is the content of our mock LDAP directory. It takes the form # {dn: {attr: [value, ...], ...}, ...}. directory = dict([ basedn, people, _ldap_user('annik'), _ldap_user('bob'), _ldap_user('john'), ]) @classmethod def setUpClass(cls): # We only need to create the MockLdap instance once. The content we # pass in will be used for all LDAP connections. cls.mockldap = MockLdap(cls.directory) @classmethod def tearDownClass(cls): del cls.mockldap def setUp(self): # Mock LDAP self.mockldap.start() self.ldapobj = self.mockldap['ldap://localhost/'] # Mock Application self.app = MockRdiffwebApp(enabled_plugins=['Ldap'], default_config={'LdapAllowPasswordChange': 'false'}) self.app.reset() # Get reference to LdapStore self.ldapstore = self.app.userdb._password_stores[0] def tearDown(self): # Stop patching ldap.initialize and reset state. self.mockldap.stop() del self.ldapobj def test_set_password_update(self): with self.assertRaises(RdiffError): self.ldapstore.set_password('annik', 'new_password') def test_set_password_with_old_password(self): with self.assertRaises(RdiffError): self.ldapstore.set_password('john', 'new_password', old_password='******') def test_set_password_with_invalid_old_password(self): with self.assertRaises(RdiffError): self.ldapstore.set_password('foo', 'new_password', old_password='******') def test_set_password_update_not_exists(self): """Expect error when trying to update password of invalid user.""" with self.assertRaises(RdiffError): self.assertFalse(self.ldapstore.set_password('bar', 'new_password'))
class SQLiteUserDBTest(unittest.TestCase): """Unit tests for the sqliteUserDBTeste class""" def setUp(self): # Mock Application self.app = MockRdiffwebApp(enabled_plugins=['SQLite']) self.app.reset() # Get reference to SQLite database self.db = self.app.userdb._databases[0] def test_add_user(self): """Add user to database.""" self.db.add_user('joe') self.assertTrue(self.db.exists('joe')) def test_are_valid_credentials(self): self.db.add_user('mike') self.db.set_password('mike', 'password') self.assertEquals('mike', self.db.are_valid_credentials('mike', 'password')) def test_are_valid_credentials_with_invalid_password(self): self.db.add_user('jeff') self.assertFalse(self.db.are_valid_credentials('jeff', 'invalid')) # password is case sensitive self.assertFalse(self.db.are_valid_credentials('jeff', 'Password')) # Match entire password self.assertFalse(self.db.are_valid_credentials('jeff', 'pass')) self.assertFalse(self.db.are_valid_credentials('jeff', '')) def test_are_valid_credentials_with_invalid_user(self): self.assertIsNone(self.db.are_valid_credentials('josh', 'password')) def test_delete_user(self): # Create user self.db.add_user('vicky') self.assertTrue(self.db.exists('vicky')) # Delete user self.assertTrue(self.db.delete_user('vicky')) self.assertFalse(self.db.exists('vicky')) def test_delete_user_with_invalid_user(self): self.assertFalse(self.db.delete_user('eve')) def test_exists(self): self.db.add_user('bob') self.assertTrue(self.db.exists('bob')) def test_exists_with_invalid_user(self): self.assertFalse(self.db.exists('invalid')) def test_get_set(self): user = '******' self.db.add_user(user) email = self.db.get_email(user) repos = self.db.get_repos(user) user_root = self.db.get_user_root(user) is_admin = self.db.is_admin(user) self.assertEqual('', email) self.assertEqual([], repos) self.assertEqual('', user_root) self.assertEqual(False, is_admin) self.db.set_user_root(user, '/backups/') self.db.set_is_admin(user, True) self.db.set_email(user, '*****@*****.**') self.db.set_repos(user, ['/backups/computer/', '/backups/laptop/']) email = self.db.get_email(user) repos = self.db.get_repos(user) user_root = self.db.get_user_root(user) self.assertEqual('*****@*****.**', email) self.assertEqual(['/backups/computer/', '/backups/laptop/'], repos) self.assertEqual('/backups/', user_root) def test_get_invalid_user(self): with self.assertRaises(InvalidUserError): self.db.get_email('invalid') with self.assertRaises(InvalidUserError): self.db.get_repos('invalid') with self.assertRaises(InvalidUserError): self.db.get_user_root('invalid') def test_has_password(self): self.db.add_user('carol') self.assertFalse(self.db.has_password('carol')) self.db.set_password('carol', 'password') self.assertTrue(self.db.has_password('carol')) def test_list(self): self.assertEqual(['admin'], self.app.userdb.list()) self.app.userdb.add_user('annik') self.assertEqual(['admin', 'annik'], self.app.userdb.list()) def test_set_invalid_user(self): with self.assertRaises(InvalidUserError): self.db.set_user_root('invalid', '/backups/') with self.assertRaises(InvalidUserError): self.db.set_is_admin('invalid', True) with self.assertRaises(InvalidUserError): self.db.set_email('invalid', '*****@*****.**') with self.assertRaises(InvalidUserError): self.db.set_repos('invalid', ['/backups/computer/', '/backups/laptop/']) def test_set_password_update(self): self.db.add_user('annik') self.assertFalse(self.db.set_password('annik', 'new_password')) # Check new credentials self.assertEqual('annik', self.db.are_valid_credentials('annik', 'new_password')) def test_set_password_with_old_password(self): self.db.add_user('john') self.db.set_password('john', 'password') self.db.set_password('john', 'new_password', old_password='******') # Check new credentials self.assertEqual('john', self.db.are_valid_credentials('john', 'new_password')) def test_set_password_with_invalid_old_password(self): self.db.add_user('foo') with self.assertRaises(ValueError): self.db.set_password('foo', 'new_password', old_password='******') def test_set_password_update_not_exists(self): """Expect error when trying to update password of invalid user.""" with self.assertRaises(InvalidUserError): self.assertFalse(self.db.set_password('bar', 'new_password')) def test_set_repos_empty(self): self.db.add_user('kim') self.db.set_repos("kim", []) self.assertEquals([], self.db.get_repos('kim'))
class UserManagerLdapTest(unittest.TestCase): basedn = (b'dc=nodomain', { b'dc': [b'nodomain'], b'o': [b'nodomain']}) people = (b'ou=People,dc=nodomain', { b'ou': [b'People'], b'objectClass': [b'organizationalUnit']}) # This is the content of our mock LDAP directory. It takes the form # {dn: {attr: [value, ...], ...}, ...}. directory = dict([ basedn, people, _ldap_user('admin'), _ldap_user('annik'), _ldap_user('bob'), _ldap_user('foo'), _ldap_user('jeff'), _ldap_user('john'), _ldap_user('larry'), _ldap_user('mike'), _ldap_user('vicky'), ]) @classmethod def setUpClass(cls): # We only need to create the MockLdap instance once. The content we # pass in will be used for all LDAP connections. cls.mockldap = MockLdap(cls.directory) @classmethod def tearDownClass(cls): del cls.mockldap def setUp(self): # Mock LDAP self.mockldap.start() self.ldapobj = self.mockldap['ldap://localhost/'] # Mock Application self.app = MockRdiffwebApp(enabled_plugins=['Ldap'], default_config={'LdapAllowPasswordChange': 'true'}) self.app.reset() # Get reference to LdapStore self.ldapstore = self.app.userdb._password_stores[0] def tearDown(self): # Stop patching ldap.initialize and reset state. self.mockldap.stop() del self.ldapobj def test_are_valid_credentials(self): self.assertEquals('mike', self.ldapstore.are_valid_credentials('mike', 'password')) def test_are_valid_credentials_with_invalid_password(self): self.assertFalse(self.ldapstore.are_valid_credentials('jeff', 'invalid')) # password is case sensitive self.assertFalse(self.ldapstore.are_valid_credentials('jeff', 'Password')) # Match entire password self.assertFalse(self.ldapstore.are_valid_credentials('jeff', 'pass')) self.assertFalse(self.ldapstore.are_valid_credentials('jeff', '')) def test_are_valid_credentials_with_invalid_user(self): self.assertIsNone(self.ldapstore.are_valid_credentials('josh', 'password')) def test_delete_user(self): # Delete_user is not supported by LdapPlugin. self.assertFalse(self.ldapstore.delete_user('vicky')) def test_delete_user_with_invalid_user(self): self.assertFalse(self.ldapstore.delete_user('eve')) def test_get_user_attr(self): self.assertEquals(['bob'], self.ldapstore.get_user_attr('bob', 'uid')) self.assertEquals(['bob'], self.ldapstore.get_user_attr('bob', 'cn')) self.assertEquals(['person', 'organizationalPerson', 'inetOrgPerson', 'posixAccount'], self.ldapstore.get_user_attr('bob', 'objectClass')) self.assertEquals({u'uid': ['bob'], u'cn': ['bob']}, self.ldapstore.get_user_attr('bob', ['uid', 'cn'])) def test_has_password(self): self.assertTrue(self.ldapstore.has_password('bob')) def test_has_password_with_invalid_user(self): self.assertFalse(self.ldapstore.has_password('invalid')) def test_set_password_not_found(self): with self.assertRaises(ValueError): self.assertTrue(self.ldapstore.set_password('joe', 'password')) def test_set_password_update(self): self.assertFalse(self.ldapstore.set_password('annik', 'new_password')) def test_set_password_with_old_password(self): self.assertFalse(self.ldapstore.set_password('john', 'new_password', old_password='******')) def test_set_password_with_invalid_old_password(self): with self.assertRaises(ValueError): self.ldapstore.set_password('foo', 'new_password', old_password='******') def test_set_password_update_not_exists(self): """Expect error when trying to update password of invalid user.""" with self.assertRaises(ValueError): self.assertFalse(self.ldapstore.set_password('bar', 'new_password'))
class UserManagerSQLiteTest(unittest.TestCase): def setUp(self): self.app = MockRdiffwebApp(enabled_plugins=["SQLite"]) self.app.reset() def test_add_user(self): """Add user to database.""" self.app.userdb.add_user("joe") self.assertTrue(self.app.userdb.exists("joe")) def test_add_user_with_duplicate(self): """Add user to database.""" self.app.userdb.add_user("denise") with self.assertRaises(ValueError): self.app.userdb.add_user("denise") def test_add_user_with_password(self): """Add user to database with password.""" self.app.userdb.add_user("jo", "password") self.assertTrue(self.app.userdb.exists("jo")) self.assertTrue(self.app.userdb.login("jo", "password")) def test_delete_user(self): # Create user self.app.userdb.add_user("vicky", "password") self.assertTrue(self.app.userdb.exists("vicky")) # Delete user self.assertTrue(self.app.userdb.delete_user("vicky")) self.assertFalse(self.app.userdb.exists("vicky")) def test_delete_user_with_invalid_user(self): self.assertFalse(self.app.userdb.delete_user("eve")) def test_exists(self): self.app.userdb.add_user("bob", "password") self.assertTrue(self.app.userdb.exists("bob")) def test_exists_with_invalid_user(self): self.assertFalse(self.app.userdb.exists("invalid")) def test_get_set(self): user = "******" self.app.userdb.add_user(user, "password") email = self.app.userdb.get_email(user) repos = self.app.userdb.get_repos(user) user_root = self.app.userdb.get_user_root(user) is_admin = self.app.userdb.is_admin(user) self.assertEqual("", email) self.assertEqual([], repos) self.assertEqual("", user_root) self.assertEqual(False, is_admin) self.app.userdb.set_user_root(user, "/backups/") self.app.userdb.set_is_admin(user, True) self.app.userdb.set_email(user, "*****@*****.**") self.app.userdb.set_repos(user, ["/backups/computer/", "/backups/laptop/"]) email = self.app.userdb.get_email(user) repos = self.app.userdb.get_repos(user) user_root = self.app.userdb.get_user_root(user) is_admin = self.app.userdb.is_admin(user) self.assertEqual("*****@*****.**", email) self.assertEqual(["/backups/computer/", "/backups/laptop/"], repos) self.assertEqual("/backups/", user_root) self.assertEqual(True, is_admin) def test_get_invalid_user(self): with self.assertRaises(InvalidUserError): self.app.userdb.get_email("invalid") with self.assertRaises(InvalidUserError): self.app.userdb.get_repos("invalid") with self.assertRaises(InvalidUserError): self.app.userdb.get_user_root("invalid") with self.assertRaises(InvalidUserError): self.app.userdb.is_admin("invalid") def test_list(self): self.assertEqual(["admin"], self.app.userdb.list()) self.app.userdb.add_user("annik") self.assertEqual(["admin", "annik"], self.app.userdb.list()) def test_login(self): """Check if login work""" self.app.userdb.add_user("tom", "password") self.assertEqual("tom", self.app.userdb.login("tom", "password")) self.assertFalse(self.app.userdb.login("tom", "invalid")) def login_with_invalid_password(self): self.app.userdb.add_user("jeff", "password") self.assertFalse(self.app.userdb.login("jeff", "invalid")) # password is case sensitive self.assertFalse(self.app.userdb.login("jeff", "Password")) # Match entire password self.assertFalse(self.app.userdb.login("jeff", "pass")) self.assertFalse(self.app.userdb.login("jeff", "")) def test_login_with_invalid_user(self): """Check if login work""" self.assertIsNone(self.app.userdb.login("josh", "password")) def test_set_password_update(self): self.app.userdb.add_user("annik", "password") self.assertFalse(self.app.userdb.set_password("annik", "new_password")) # Check new credentials self.assertEqual("annik", self.app.userdb.login("annik", "new_password")) def test_set_password_with_old_password(self): self.app.userdb.add_user("john", "password") self.app.userdb.set_password("john", "new_password", old_password="******") # Check new credentials self.assertEqual("john", self.app.userdb.login("john", "new_password")) def test_set_password_with_invalid_old_password(self): self.app.userdb.add_user("foo", "password") with self.assertRaises(ValueError): self.app.userdb.set_password("foo", "new_password", old_password="******") def test_set_password_update_not_exists(self): """Expect error when trying to update password of invalid user.""" with self.assertRaises(InvalidUserError): self.assertFalse(self.app.userdb.set_password("bar", "new_password"))
class UserManagerSQLiteLdapTest(unittest.TestCase): basedn = ("dc=nodomain", {"dc": ["nodomain"], "o": ["nodomain"]}) people = ("ou=People,dc=nodomain", {"ou": ["People"], "objectClass": ["organizationalUnit"]}) # This is the content of our mock LDAP directory. It takes the form # {dn: {attr: [value, ...], ...}, ...}. directory = dict( [ basedn, people, _ldap_user("annik"), _ldap_user("bob"), _ldap_user("foo"), _ldap_user("jeff"), _ldap_user("john"), _ldap_user("karl"), _ldap_user("kim"), _ldap_user("larry"), _ldap_user("mike"), _ldap_user("tony"), _ldap_user("vicky"), ] ) @classmethod def setUpClass(cls): # We only need to create the MockLdap instance once. The content we # pass in will be used for all LDAP connections. cls.mockldap = MockLdap(cls.directory) @classmethod def tearDownClass(cls): del cls.mockldap def setUp(self): # Mock LDAP self.mockldap.start() self.ldapobj = self.mockldap["ldap://localhost/"] # Mock Application self.app = MockRdiffwebApp( enabled_plugins=["Ldap", "SQLite"], default_config={"LdapAllowPasswordChange": "true"} ) self.app.reset() # Get reference to LdapStore self.ldapstore = self.app.userdb._password_stores[0] def tearDown(self): # Stop patching ldap.initialize and reset state. self.mockldap.stop() del self.ldapobj def test_add_user_to_sqlite(self): """Add user to local database.""" self.app.userdb.add_user("joe", "password") self.assertEqual("joe", self.app.userdb.login("joe", "password")) def test_add_user_to_ldap(self): """Add user to LDAP.""" self.app.userdb.add_user("karl", "password") self.assertEqual("karl", self.app.userdb.login("karl", "password")) def test_delete_user(self): """Create then delete a user.""" # Create user self.app.userdb.add_user("vicky") self.assertTrue(self.app.userdb.exists("vicky")) self.assertEquals("vicky", self.app.userdb.login("vicky", "password")) # Delete user. self.assertTrue(self.app.userdb.delete_user("vicky")) self.assertFalse(self.app.userdb.exists("vicky")) def test_delete_user_with_invalid_user(self): self.assertFalse(self.app.userdb.delete_user("eve")) def test_exists(self): """Check if user doesn't exists when only in LDAP.""" self.assertFalse(self.app.userdb.exists("bob")) def test_exists_with_invalid_user(self): self.assertFalse(self.app.userdb.exists("invalid")) def test_get_set(self): user = "******" self.app.userdb.add_user(user, "password") email = self.app.userdb.get_email(user) repos = self.app.userdb.get_repos(user) user_root = self.app.userdb.get_user_root(user) is_admin = self.app.userdb.is_admin(user) self.assertEqual("", email) self.assertEqual([], repos) self.assertEqual("", user_root) self.assertEqual(False, is_admin) self.app.userdb.set_user_root(user, "/backups/") self.app.userdb.set_is_admin(user, True) self.app.userdb.set_email(user, "*****@*****.**") self.app.userdb.set_repos(user, ["/backups/computer/", "/backups/laptop/"]) email = self.app.userdb.get_email(user) repos = self.app.userdb.get_repos(user) user_root = self.app.userdb.get_user_root(user) self.assertEqual("*****@*****.**", email) self.assertEqual(["/backups/computer/", "/backups/laptop/"], repos) self.assertEqual("/backups/", user_root) def test_list(self): self.assertEqual(["admin"], self.app.userdb.list()) self.app.userdb.add_user("annik") self.assertEqual(["admin", "annik"], self.app.userdb.list()) def test_login(self): """Check if login work""" self.app.userdb.add_user("tom", "password") self.assertEqual("tom", self.app.userdb.login("tom", "password")) self.assertFalse(self.app.userdb.login("tom", "invalid")) def test_login_with_invalid_password(self): self.app.userdb.add_user("jeff", "password") self.assertFalse(self.app.userdb.login("jeff", "invalid")) # password is case sensitive self.assertFalse(self.app.userdb.login("jeff", "Password")) # Match entire password self.assertFalse(self.app.userdb.login("jeff", "pass")) self.assertFalse(self.app.userdb.login("jeff", "")) def test_login_with_invalid_user(self): """Check if login work""" self.assertIsNone(self.app.userdb.login("josh", "password")) def test_login_with_invalid_user_in_ldap(self): """Check if login work""" self.assertIsNone(self.app.userdb.login("kim", "password")) def test_login_with_create_user(self): """Check if login create the user in database if user exists in LDAP""" self.assertFalse(self.app.userdb.exists("tony")) self.app.cfg.set_config("AddMissingUser", "true") try: self.app.userdb.login("tony", "password") self.assertTrue(self.app.userdb.exists("tony")) self.assertFalse(self.app.userdb.is_admin("tony")) finally: self.app.cfg.set_config("AddMissingUser", "false") def test_set_invalid_user(self): with self.assertRaises(InvalidUserError): self.app.userdb.set_user_root("invalid", "/backups/") with self.assertRaises(InvalidUserError): self.app.userdb.set_is_admin("invalid", True) with self.assertRaises(InvalidUserError): self.app.userdb.set_email("invalid", "*****@*****.**") with self.assertRaises(InvalidUserError): self.app.userdb.set_repos("invalid", ["/backups/computer/", "/backups/laptop/"]) def test_set_password_update(self): self.app.userdb.add_user("annik") self.assertFalse(self.app.userdb.set_password("annik", "new_password")) # Check new credentials self.assertEqual("annik", self.app.userdb.login("annik", "new_password")) def test_set_password_with_old_password(self): self.app.userdb.add_user("john") self.app.userdb.set_password("john", "new_password", old_password="******") # Check new credentials self.assertEqual("john", self.app.userdb.login("john", "new_password")) def test_set_password_with_invalid_old_password(self): self.app.userdb.add_user("foo") with self.assertRaises(ValueError): self.app.userdb.set_password("foo", "new_password", old_password="******") def test_set_password_update_not_exists(self): """Expect error when trying to update password of invalid user.""" with self.assertRaises(InvalidUserError): self.assertFalse(self.app.userdb.set_password("bar", "new_password")) def test_supports(self): """Check basic supports""" self.assertTrue(self.app.userdb.supports("set_password")) self.assertTrue(self.app.userdb.supports("set_email")) self.assertTrue(self.app.userdb.supports("set_password", "annik")) self.assertFalse(self.app.userdb.supports("set_email", "annik"))