class BundleStreamListViewAuthorizedTest(BundleStreamListViewAnonymousTest):
def setUp(self):
super(BundleStreamListViewAuthorizedTest, self).setUp()
self.client = TestClient()
self.user = User.objects.create(username='******')
self.user.groups.create(name='group')
self.client.login_user(self.user)
def setUp(self):
super(TestRunListViewAuthorizedTest, self).setUp()
self.client = TestClient()
self.user = User.objects.get_or_create(username="******")[0]
self.group = Group.objects.get_or_create(name="group")[0]
self.user.groups.add(self.group)
self.client.login_user(self.user)
class BundleStreamListViewAuthorizedTest(BundleStreamListViewAnonymousTest):
def setUp(self):
super(BundleStreamListViewAuthorizedTest, self).setUp()
self.client = TestClient()
self.user = User.objects.create(username='******')
self.user.groups.create(name='group')
self.client.login_user(self.user)
class TestRunListViewAuthorizedTest(TestRunListViewAnonymousTest):
def setUp(self):
super(TestRunListViewAuthorizedTest, self).setUp()
self.client = TestClient()
self.user = User.objects.get_or_create(username="******")[0]
self.group = Group.objects.get_or_create(name="group")[0]
self.user.groups.add(self.group)
self.client.login_user(self.user)
def setUp(self):
super(TestOpenIDLogin, self).setUp()
# Use StubOpenIDProvider and _identity_url as our fixed SSO so that
# we always get a successful OpenID response for _identity_url.
self.provider = StubOpenIDProvider('http://example.com/')
setDefaultFetcher(self.provider, wrap_exceptions=False)
self.missing_sso_server_url = object()
self.orig_sso_server_url = getattr(settings, 'OPENID_SSO_SERVER_URL',
self.missing_sso_server_url)
settings.OPENID_SSO_SERVER_URL = self._identity_url
self.client = TestClient()
class TestRunViewAuth(TestCaseWithScenarios):
_USER = "******"
_GROUP = "private_group"
_UNRELATED_USER = "******"
fixtures = ["test_run_detail.json"]
accessing_user = None
scenarios = [
("anonymous_accessing_private", {
"accessing_user": None,
"resource_owner": _USER
}),
("anonymous_accessing_shared", {
"accessing_user": None,
"resource_owner": _GROUP
}),
("unrelated_accessing_private", {
"accessing_user": _UNRELATED_USER,
"resource_owner": _USER,
}),
("unrelated_accessing_shared", {
"accessing_user": _UNRELATED_USER,
"resource_owner": _GROUP
}),
]
def setUp(self):
super(TestRunViewAuth, self).setUp()
self.test_run_url = TestRun.objects.get(pk=1).get_absolute_url()
# Set resource ownership to group or user
bundle_stream = BundleStream.objects.get(pk=1)
if self.resource_owner == self._GROUP:
bundle_stream.group = Group.objects.create(name=self._USER)
elif self.resource_owner == self._USER:
bundle_stream.user = User.objects.create(username=self._USER)
bundle_stream.is_public = False
bundle_stream.is_anonymous = False
bundle_stream.save()
if self.accessing_user:
self.accessing_user = User.objects.get_or_create(username=self.accessing_user)[0]
self.client = TestClient()
self.client.login_user(self.accessing_user)
def test_run_unauth_access(self):
"""
The status code can vary by the installed dependencies but the
content of the response is the same.
"""
response = self.client.get(self.test_run_url)
self.assertIsInstance(response, HttpResponseForbidden)
class TestRunViewAuth(TestCaseWithScenarios):
_USER = "******"
_GROUP = "private_group"
_UNRELATED_USER = "******"
fixtures = ["test_run_detail.json"]
scenarios = [
("anonymous_accessing_private", {
"accessing_user": None,
"resource_owner": _USER
}),
("anonymous_accessing_shared", {
"accessing_user": None,
"resource_owner": _GROUP
}),
("unrelated_accessing_private", {
"accessing_user": _UNRELATED_USER,
"resource_owner": _USER,
}),
("unrelated_accessing_shared", {
"accessing_user": _UNRELATED_USER,
"resource_owner": _GROUP
}),
]
def setUp(self):
super(TestRunViewAuth, self).setUp()
self.test_run_url = TestRun.objects.get(pk=1).get_absolute_url()
# Set resource ownership to group or user
bundle_stream = BundleStream.objects.get(pk=1)
if self.resource_owner == self._GROUP:
bundle_stream.group = Group.objects.create(name=self._USER)
elif self.resource_owner == self._USER:
bundle_stream.user = User.objects.create(username=self._USER)
bundle_stream.is_public = False
bundle_stream.is_anonymous = False
bundle_stream.save()
if self.accessing_user:
self.accessing_user = User.objects.get_or_create(
username=self.accessing_user)[0]
self.client = TestClient()
self.client.login_user(self.accessing_user)
def test_run_unauth_access(self):
response = self.client.get(self.test_run_url)
self.assertEqual(response.status_code, 403)
def setUp(self):
super(TestRunViewAuth, self).setUp()
self.test_run_url = TestRun.objects.get(pk=1).get_absolute_url()
# Set resource ownership to group or user
bundle_stream = BundleStream.objects.get(pk=1)
if self.resource_owner == self._GROUP:
bundle_stream.group = Group.objects.create(name=self._USER)
elif self.resource_owner == self._USER:
bundle_stream.user = User.objects.create(username=self._USER)
bundle_stream.is_public = False
bundle_stream.is_anonymous = False
bundle_stream.save()
if self.accessing_user:
self.accessing_user = User.objects.get_or_create(username=self.accessing_user)[0]
self.client = TestClient()
self.client.login_user(self.accessing_user)
class TestClientTest(TestCase):
_USER = "******"
def setUp(self):
super(TestClientTest, self).setUp()
self.client = TestClient()
self.user = User(username=self._USER)
self.user.save()
def test_auth(self):
self.client.login_user(self.user)
response = self.client.get("/auth-test/")
self.assertEqual(response.content, self._USER)
def test_no_auth(self):
response = self.client.get("/auth-test/")
self.assertEqual(response.content, "")
def setUp(self):
super(TestOpenIDLogin, self).setUp()
# Use StubOpenIDProvider and _identity_url as our fixed SSO so that
# we always get a successful OpenID response for _identity_url.
self.provider = StubOpenIDProvider('http://example.com/')
setDefaultFetcher(self.provider, wrap_exceptions=False)
self.missing_sso_server_url = object()
self.orig_sso_server_url = getattr(
settings, 'OPENID_SSO_SERVER_URL', self.missing_sso_server_url)
settings.OPENID_SSO_SERVER_URL = self._identity_url
self.client = TestClient()
class TestClientTest(TestCase):
_USER = "******"
urls = local_urls
def setUp(self):
super(TestClientTest, self).setUp()
self.client = TestClient()
self.user = User(username=self._USER)
self.user.save()
def test_auth(self):
self.client.login_user(self.user)
response = self.client.get("/auth-test/")
self.assertEqual(response.content, self._USER)
def test_no_auth(self):
response = self.client.get("/auth-test/")
self.assertEqual(response.content, '')
def setUp(self):
super(TestRunViewAuth, self).setUp()
self.test_run_url = TestRun.objects.get(pk=1).get_absolute_url()
# Set resource ownership to group or user
bundle_stream = BundleStream.objects.get(pk=1)
if self.resource_owner == self._GROUP:
bundle_stream.group = Group.objects.create(name=self._USER)
elif self.resource_owner == self._USER:
bundle_stream.user = User.objects.create(username=self._USER)
bundle_stream.is_public = False
bundle_stream.is_anonymous = False
bundle_stream.save()
if self.accessing_user:
self.accessing_user = User.objects.get_or_create(username=self.accessing_user)[0]
self.client = TestClient()
self.client.login_user(self.accessing_user)
class TestOpenIDLogin(TestCase):
urls = tuple(django_openid_auth.tests.urls.urlpatterns +
lava_server.urls.urlpatterns)
_username = '******'
_identity_url = 'http://example.com/identity'
def test_positive_response_from_provider(self):
self.create_user()
openid_request = self.initiate_login()
# Simulate a positive assertion from the server.
openid_response = openid_request.answer(True)
# Use that response to complete the authentication.
response = self.complete(openid_response)
# And the user is now logged in.
response = self.client.get('/getuser/')
self.assertEquals(response.content, self._username)
def test_negative_response_from_provider(self):
openid_request = self.initiate_login()
# Simulate a negative assertion from the server.
openid_response = openid_request.answer(False)
# Use that response to complete the authentication.
response = self.complete(openid_response)
# Since we got a negative assertion from the server, no user is logged
# in.
response = self.client.get('/getuser/')
self.assertEquals(response.content, '')
def setUp(self):
super(TestOpenIDLogin, self).setUp()
# Use StubOpenIDProvider and _identity_url as our fixed SSO so that
# we always get a successful OpenID response for _identity_url.
self.provider = StubOpenIDProvider('http://example.com/')
setDefaultFetcher(self.provider, wrap_exceptions=False)
self.missing_sso_server_url = object()
self.orig_sso_server_url = getattr(settings, 'OPENID_SSO_SERVER_URL',
self.missing_sso_server_url)
settings.OPENID_SSO_SERVER_URL = self._identity_url
self.client = TestClient()
def tearDown(self):
super(TestOpenIDLogin, self).tearDown()
setDefaultFetcher(None)
if self.orig_sso_server_url == self.missing_sso_server_url:
del settings.OPENID_SSO_SERVER_URL
else:
settings.OPENID_SSO_SERVER_URL = self.orig_sso_server_url
def create_user(self):
user = User(username=self._username)
user.save()
# Associate our newly created user with the identity URL.
useropenid = UserOpenID(user=user,
claimed_id=self._identity_url,
display_id=self._identity_url)
useropenid.save()
def initiate_login(self):
response = self.client.get('/openid/login/')
self.assertEqual(httplib.OK, response.status_code)
openid_request = self.provider.parseFormPost(response.content)
self.assertTrue(
openid_request.return_to.startswith(
'http://testserver/openid/complete/'))
return openid_request
def complete(self, openid_response):
"""Complete an OpenID authentication request."""
webresponse = self.provider.server.encodeResponse(openid_response)
self.assertEquals(webresponse.code, 302)
redirect_to = webresponse.headers['location']
self.assertTrue(
redirect_to.startswith('http://testserver/openid/complete/'))
return self.client.get(
'/openid/complete/',
dict(cgi.parse_qsl(redirect_to.split('?', 1)[1])))
class TestOpenIDLogin(TestCase):
urls = tuple(
django_openid_auth.tests.urls.urlpatterns
+ lava_server.urls.urlpatterns)
_username = '******'
_identity_url = 'http://example.com/identity'
def test_positive_response_from_provider(self):
self.create_user()
openid_request = self.initiate_login()
# Simulate a positive assertion from the server.
openid_response = openid_request.answer(True)
# Use that response to complete the authentication.
response = self.complete(openid_response)
# And the user is now logged in.
response = self.client.get('/getuser/')
self.assertEquals(response.content, self._username)
def test_negative_response_from_provider(self):
openid_request = self.initiate_login()
# Simulate a negative assertion from the server.
openid_response = openid_request.answer(False)
# Use that response to complete the authentication.
response = self.complete(openid_response)
# Since we got a negative assertion from the server, no user is logged
# in.
response = self.client.get('/getuser/')
self.assertEquals(response.content, '')
def setUp(self):
super(TestOpenIDLogin, self).setUp()
# Use StubOpenIDProvider and _identity_url as our fixed SSO so that
# we always get a successful OpenID response for _identity_url.
self.provider = StubOpenIDProvider('http://example.com/')
setDefaultFetcher(self.provider, wrap_exceptions=False)
self.missing_sso_server_url = object()
self.orig_sso_server_url = getattr(
settings, 'OPENID_SSO_SERVER_URL', self.missing_sso_server_url)
settings.OPENID_SSO_SERVER_URL = self._identity_url
self.client = TestClient()
def tearDown(self):
super(TestOpenIDLogin, self).tearDown()
setDefaultFetcher(None)
if self.orig_sso_server_url == self.missing_sso_server_url:
del settings.OPENID_SSO_SERVER_URL
else:
settings.OPENID_SSO_SERVER_URL = self.orig_sso_server_url
def create_user(self):
user = User(username=self._username)
user.save()
# Associate our newly created user with the identity URL.
useropenid = UserOpenID(
user=user, claimed_id=self._identity_url,
display_id=self._identity_url)
useropenid.save()
def initiate_login(self):
response = self.client.get('/openid/login/')
self.assertEqual(httplib.OK, response.status_code)
openid_request = self.provider.parseFormPost(response.content)
self.assertTrue(openid_request.return_to.startswith(
'http://testserver/openid/complete/'))
return openid_request
def complete(self, openid_response):
"""Complete an OpenID authentication request."""
webresponse = self.provider.server.encodeResponse(openid_response)
self.assertEquals(webresponse.code, 302)
redirect_to = webresponse.headers['location']
self.assertTrue(redirect_to.startswith(
'http://testserver/openid/complete/'))
return self.client.get('/openid/complete/',
dict(cgi.parse_qsl(redirect_to.split('?', 1)[1])))
def setUp(self):
super(TestClientTest, self).setUp()
self.client = TestClient()
self.user = User(username=self._USER)
self.user.save()
def setUp(self):
super(TestClientTest, self).setUp()
self.client = TestClient()
self.user = User(username=self._USER)
self.user.save()
