def test_set_inital_admin_twice(self): # first create the user table SetPasswordHandler.create_table(self.db_context) admin_user = '******' admin_pw = libcrypt_password('admin_password') # setup the inital user and it's password SetPasswordHandler.create_admin_user(self.db_context, username=admin_user, crypted_password=admin_pw) admin_user = '******' admin_pw = libcrypt_password('password_of_admin') # setup the inital user and try to set it's password a second time # - this will fail as the user could only be set once SetPasswordHandler.create_admin_user(self.db_context, username=admin_user, crypted_password=admin_pw) pw_handler = SetPasswordHandler(self.db_context) msg = "old password missmatch!" self.check_for_exeption(pw_handler, 'admin', 'password_of_admin', 'new_password', Exception, message=msg) pw_handler.set_password('admin', 'admin_password', 'new_password') return
def test_set_inital_admin_twice(self): # first create the user table SetPasswordHandler.create_table(self.db_context) admin_user = '******' admin_pw = utils.crypt_password('admin_password') # setup the inital user and it's password SetPasswordHandler.create_admin_user(self.db_context, username=admin_user, crypted_password=admin_pw) admin_user = '******' admin_pw = utils.crypt_password('password_of_admin') # setup the inital user and try to set it's password a second time # - this will fail as the user could only be set once SetPasswordHandler.create_admin_user(self.db_context, username=admin_user, crypted_password=admin_pw) pw_handler = SetPasswordHandler(self.db_context) msg = "old password missmatch!" self.check_for_exeption(pw_handler, 'admin', 'password_of_admin', 'new_password', Exception, message=msg) pw_handler.set_password('admin', 'admin_password', 'new_password') return
def setPassword(self): """ abilty to set password in managed / admin_user resolver """ params = {} try: params.update(request.params) old_pw = params['old_password'] new_pw = params['new_password'] username = request_context['AuthUser'].get('login', '') if not username: raise Exception("Missing authenticated user!") sql_url = linotp.model.meta.engine.url # -------------------------------------------------------------- -- # the set password handling: # any error will raise an excecption which will be displayed # to the user c.audit['administrator'] = username c.audit['info'] = 'setPassword' set_pw_handler = SetPasswordHandler(DataBaseContext(sql_url)) set_pw_handler.set_password(username, old_password=old_pw, new_password=new_pw) c.audit['success'] = True return sendResult( response, obj=True, opt={'detail': ('password updated for %r' % username)}) except Exception as exx: c.audit['success'] = False log.exception(exx) Session.rollback() return sendError(response, exx) finally: Session.close()
def setPassword(self): """ abilty to set password in managed / admin_user resolver """ try: old_pw = self.request_params['old_password'] new_pw = self.request_params['new_password'] username = request_context['AuthUser'].get('login', '') if not username: raise Exception("Missing authenticated user!") sql_url = linotp.model.meta.engine.url # -------------------------------------------------------------- -- # the set password handling: # any error will raise an excecption which will be displayed # to the user c.audit['administrator'] = username c.audit['info'] = 'setPassword' set_pw_handler = SetPasswordHandler(DataBaseContext(sql_url)) set_pw_handler.set_password(username, old_password=old_pw, new_password=new_pw) c.audit['success'] = True return sendResult(response, obj=True, opt={'detail': ('password updated for %r' % username) }) except Exception as exx: c.audit['success'] = False log.exception(exx) Session.rollback() return sendError(response, exx) finally: Session.close()
def test_set_password_various(app, db_context, user, oldpw, newpw, exception, message): SetPasswordHandler.create_table(db_context) pw_handler = SetPasswordHandler(db_context) admin_user = '******' admin_pw = utils.crypt_password('old_password') SetPasswordHandler.create_admin_user(db_context, username=admin_user, crypted_password=admin_pw) check_for_exception(pw_handler, user, oldpw, newpw, exception, message) # make sure that the password did not change in between and the # password could be set correctly pw_handler.set_password("admin", 'old_password', 'admin_password')
def setPassword(self): """ abilty to set password in managed / admin_user resolver """ try: old_pw = self.request_params["old_password"] new_pw = self.request_params["new_password"] authenticated_user = getUserFromRequest() username = authenticated_user.login if not username: raise Exception("Missing authenticated user!") sql_url = db.engine.url # -------------------------------------------------------------- -- # the set password handling: # any error will raise an excecption which will be displayed # to the user g.audit["administrator"] = username g.audit["info"] = "setPassword" set_pw_handler = SetPasswordHandler(DataBaseContext(sql_url)) set_pw_handler.set_password(username, old_password=old_pw, new_password=new_pw) g.audit["success"] = True return sendResult( response, obj=True, opt={"detail": ("password updated for %r" % username)}, ) except Exception as exx: g.audit["success"] = False log.error(exx) db.session.rollback() return sendError(response, exx)
def test_set_password(app, db_context): # first create the user table SetPasswordHandler.create_table(db_context) admin_user = "******" admin_pw = utils.crypt_password("admin_password") # setup the inital user and it's password SetPasswordHandler.create_admin_user( db_context, username=admin_user, crypted_password=admin_pw ) # run a valid change of the admin password pw_handler = SetPasswordHandler(db_context) pw_handler.set_password(admin_user, "admin_password", "new_password")
def test_set_inital_admin_twice(app, db_context): # first create the user table SetPasswordHandler.create_table(db_context) admin_user = "******" admin_pw = utils.crypt_password("admin_password") # setup the inital user and it's password SetPasswordHandler.create_admin_user( db_context, username=admin_user, crypted_password=admin_pw ) admin_user = "******" admin_pw = utils.crypt_password("password_of_admin") # setup the inital user and try to set it's password a second time # - this will fail as the user could only be set once SetPasswordHandler.create_admin_user( db_context, username=admin_user, crypted_password=admin_pw ) pw_handler = SetPasswordHandler(db_context) msg = "old password missmatch!" check_for_exception( pw_handler, "admin", "password_of_admin", "new_password", Exception, message=msg, ) pw_handler.set_password("admin", "admin_password", "new_password")
def test_set_password(self): # first create the user table SetPasswordHandler.create_table(self.db_context) admin_user = '******' admin_pw = libcrypt_password('admin_password') # setup the inital user and it's password SetPasswordHandler.create_admin_user(self.db_context, username=admin_user, crypted_password=admin_pw) # run a valid change of the admin password pw_handler = SetPasswordHandler(self.db_context) pw_handler.set_password(admin_user, 'admin_password', 'new_password') # test for non existing user msg = "no user 'username' found!" self.check_for_exeption(pw_handler, 'username', 'old_password', 'new_password', Exception, message=msg) # test for old password mismatch msg = "old password missmatch!" self.check_for_exeption(pw_handler, 'admin', 'old_password', 'new_password', Exception, message=msg) # test for invalid new password using different data types msg = "must be string, not None" self.check_for_exeption(pw_handler, 'admin', 'new_password', None, Exception, message=msg) msg = "must be string, not int" self.check_for_exeption(pw_handler, 'admin', 'new_password', 123456, Exception, message=msg) msg = "must be string, not float" self.check_for_exeption(pw_handler, 'admin', 'new_password', 1234.56, Exception, message=msg) msg = "must be string, not DataBaseContext" self.check_for_exeption(pw_handler, 'admin', 'new_password', self.db_context, Exception, message=msg) # make sure that the password did not change in between and the # password could be set correctly pw_handler.set_password(admin_user, 'new_password', 'admin_password') return