def test_confirm_different_username(self): with mock_ldap() as ldap: # Verify that the user is logged in and their username was adjusted. (response, _) = ldap.verify_and_link_user("cool.user", "somepass") self.assertEquals(response.username, "cool_user") # Verify we can confirm the user's quay username. (response, _) = ldap.confirm_existing_user("cool_user", "somepass") self.assertEquals(response.username, "cool_user") # Verify that we *cannot* confirm the LDAP username. (response, _) = ldap.confirm_existing_user("cool.user", "somepass") self.assertIsNone(response)
def test_login_empty_userdn(self): with mock_ldap(): base_dn = ["ou=employees", "dc=quay", "dc=io"] admin_dn = "uid=testy,ou=employees,dc=quay,dc=io" admin_passwd = "password" user_rdn = [] uid_attr = "uid" email_attr = "mail" secondary_user_rdns = ["ou=otheremployees"] ldap = LDAPUsers( "ldap://localhost", base_dn, admin_dn, admin_passwd, user_rdn, uid_attr, email_attr, secondary_user_rdns=secondary_user_rdns, ) # Verify we can login. (response, _) = ldap.verify_and_link_user("someuser", "somepass") self.assertEquals(response.username, "someuser") # Verify we can confirm the user. (response, _) = ldap.confirm_existing_user("someuser", "somepass") self.assertEquals(response.username, "someuser")
def test_login_empty_userdn(self): with mock_ldap(): base_dn = ['ou=employees', 'dc=quay', 'dc=io'] admin_dn = 'uid=testy,ou=employees,dc=quay,dc=io' admin_passwd = 'password' user_rdn = [] uid_attr = 'uid' email_attr = 'mail' secondary_user_rdns = ['ou=otheremployees'] ldap = LDAPUsers('ldap://localhost', base_dn, admin_dn, admin_passwd, user_rdn, uid_attr, email_attr, secondary_user_rdns=secondary_user_rdns) # Verify we can login. (response, _) = ldap.verify_and_link_user('someuser', 'somepass') self.assertEquals(response.username, 'someuser') # Verify we can confirm the user. (response, _) = ldap.confirm_existing_user('someuser', 'somepass') self.assertEquals(response.username, 'someuser')
def test_referral(self): with mock_ldap() as ldap: (response, _) = ldap.verify_and_link_user("referred", "somepass") self.assertEquals(response.username, "cool_user") # Verify we can confirm the user's quay username. (response, _) = ldap.confirm_existing_user("cool_user", "somepass") self.assertEquals(response.username, "cool_user")
def test_login_secondary(self): with mock_ldap() as ldap: # Verify we can login. (response, _) = ldap.verify_and_link_user("secondaryuser", "somepass") self.assertEquals(response.username, "secondaryuser") # Verify we can confirm the user. (response, _) = ldap.confirm_existing_user("secondaryuser", "somepass") self.assertEquals(response.username, "secondaryuser")
def test_login(self): with mock_ldap() as ldap: # Verify we can login. (response, _) = ldap.verify_and_link_user("someuser", "somepass") self.assertEquals(response.username, "someuser") self.assertTrue(model.user.has_user_prompt(response, "confirm_username")) # Verify we can confirm the user. (response, _) = ldap.confirm_existing_user("someuser", "somepass") self.assertEquals(response.username, "someuser")
def test_invalid_password(self): with mock_ldap() as ldap: # Verify we cannot login with an invalid password. (response, err_msg) = ldap.verify_and_link_user("someuser", "invalidpass") self.assertIsNone(response) self.assertEquals(err_msg, "Invalid password") # Verify we cannot confirm the user. (response, err_msg) = ldap.confirm_existing_user("someuser", "invalidpass") self.assertIsNone(response) self.assertEquals(err_msg, "Invalid user")
def test_invalid_wildcard(self): with mock_ldap() as ldap: # Verify we cannot login with a wildcard. (response, err_msg) = ldap.verify_and_link_user("some*", "somepass") self.assertIsNone(response) self.assertEquals(err_msg, "Username not found") # Verify we cannot confirm the user. (response, err_msg) = ldap.confirm_existing_user("some*", "somepass") self.assertIsNone(response) self.assertEquals(err_msg, "Invalid user")
def test_login_empty_password(self): with mock_ldap() as ldap: # Verify we cannot login. (response, err_msg) = ldap.verify_and_link_user("someuser", "") self.assertIsNone(response) self.assertEquals(err_msg, "Anonymous binding not allowed") # Verify we cannot confirm the user. (response, err_msg) = ldap.confirm_existing_user("someuser", "") self.assertIsNone(response) self.assertEquals(err_msg, "Invalid user")
def test_login_whitespace_password(self): with mock_ldap() as ldap: # Verify we cannot login. (response, err_msg) = ldap.verify_and_link_user('someuser', ' ') self.assertIsNone(response) self.assertEquals(err_msg, 'Invalid password') # Verify we cannot confirm the user. (response, err_msg) = ldap.confirm_existing_user('someuser', ' ') self.assertIsNone(response) self.assertEquals(err_msg, 'Invalid user')
def test_link_user(self): with mock_ldap() as ldap: # Link someuser. user, error_message = ldap.link_user("someuser") self.assertIsNone(error_message) self.assertIsNotNone(user) self.assertEquals("someuser", user.username) # Link again. Should return the same user record. user_again, _ = ldap.link_user("someuser") self.assertEquals(user_again.id, user.id) # Confirm someuser. result, _ = ldap.confirm_existing_user("someuser", "somepass") self.assertIsNotNone(result) self.assertEquals("someuser", result.username) self.assertTrue(model.user.has_user_prompt(user, "confirm_username"))