Python reset_all_groupsの例

コード例 #1

def test_ldap_exception_handling():
    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    class LdapTestConnectionError(LdapTestConnection):
        def find_users(self, user, find_by_dn=False):
            raise ldap.LDAPError('No such object')

    ldap_access.CACHED_LDAP_CONN = LdapTestConnectionError()

    c = make_logged_in_client('test', is_superuser=True)

    reset = []

    # Set to nonsensical value just to force new config usage.
    # Should continue to use cached connection.
    reset.append(
        desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

    try:
        response = c.post(reverse(add_ldap_users),
                          dict(server='nonsense',
                               username_pattern='moe',
                               password1='test',
                               password2='test'),
                          follow=True)
        assert_true(
            'There was an error when communicating with LDAP'
            in response.content, response)
    finally:
        for finish in reset:
            finish()

コード例 #2

ファイル: test_ldap.py プロジェクト: cyc821211/hue

def test_ensure_home_directory_sync_ldap_users_groups():
  URL = reverse(sync_ldap_users_groups)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  cluster = pseudo_hdfs4.shared_cluster()
  c = make_logged_in_client(cluster.superuser, is_superuser=True)
  cluster.fs.setuser(cluster.superuser)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    c.post(reverse(add_ldap_users), dict(server='nonsense', username_pattern='curly', password1='test', password2='test'))
    assert_false(cluster.fs.exists('/user/curly'))
    assert_true(c.post(URL, dict(server='nonsense', ensure_home_directory=True)))
    assert_true(cluster.fs.exists('/user/curly'))
  finally:
    for finish in reset:
      finish()

コード例 #3

def test_add_ldap_groups():
  URL = reverse(add_ldap_groups)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()


  c = make_logged_in_client(username='******', is_superuser=True)

  assert_true(c.get(URL))

  response = c.post(URL, dict(groupname_pattern='TestUsers'))
  assert_true('Location' in response, response)
  assert_true('/useradmin/groups' in response['Location'])

  # Test with space
  response = c.post(URL, dict(groupname_pattern='Test Administrators'))
  assert_true('Location' in response, response)
  assert_true('/useradmin/groups' in response['Location'], response)

  response = c.post(URL, dict(groupname_pattern='toolongnametoolongnametoolongnametoolongnametoolongnametoolongname'
                                                'toolongnametoolongnametoolongnametoolongnametoolongnametoolongname'
                                                'toolongnametoolongnametoolongnametoolongnametoolongnametoolongname'
                                                'toolongnametoolongnametoolongnametoolongnametoolongnametoolongname'))
  assert_true('Ensure this value has at most 256 characters' in response.context['form'].errors['groupname_pattern'][0], response)

  # Test wild card
  response = c.post(URL, dict(groupname_pattern='*r*'))
  assert_true('/useradmin/groups' in response['Location'], response)

コード例 #4

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_ensure_home_directory_sync_ldap_users_groups():
  URL = reverse(sync_ldap_users_groups)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  cluster = pseudo_hdfs4.shared_cluster()
  c = make_logged_in_client(cluster.superuser, is_superuser=True)
  cluster.fs.setuser(cluster.superuser)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    c.post(reverse(add_ldap_users), dict(server='nonsense', username_pattern='curly', password1='test', password2='test'))
    assert_false(cluster.fs.exists('/user/curly'))
    assert_true(c.post(URL, dict(server='nonsense', ensure_home_directory=True)))
    assert_true(cluster.fs.exists('/user/curly'))
  finally:
    for finish in reset:
      finish()

    if cluster.fs.exists('/user/curly'):
      cluster.fs.rmtree('/user/curly')

コード例 #5

ファイル: test_ldap.py プロジェクト: cyc821211/hue

def test_useradmin_ldap_user_group_membership_sync():
  settings.MIDDLEWARE_CLASSES.append('useradmin.middleware.LdapSynchronizationMiddleware')

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()
  # Make sure LDAP groups exist or they won't sync
  import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
  import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'Test Administrators', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    # Import curly who is part of TestUsers and Test Administrators
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'curly', sync_groups=False, import_by_dn=False)

    # Set a password so that we can login
    user = User.objects.get(username='******')
    user.set_password('test')
    user.save()

    # Should have 0 groups
    assert_equal(0, user.groups.all().count())

    # Make an authenticated request as curly so that we can see call middleware.
    c = make_logged_in_client('curly', 'test', is_superuser=False)
    grant_access("curly", "test", "useradmin")
    response = c.get('/useradmin/users')

    # Refresh user groups
    user = User.objects.get(username='******')

    # Should have 3 groups now. 2 from LDAP and 1 from 'grant_access' call.
    assert_equal(3, user.groups.all().count(), user.groups.all())

    # Now remove a group and try again.
    old_group = ldap_access.CACHED_LDAP_CONN._instance.users['curly']['groups'].pop()

    # Make an authenticated request as curly so that we can see call middleware.
    response = c.get('/useradmin/users')

    # Refresh user groups
    user = User.objects.get(username='******')

    # Should have 2 groups now. 1 from LDAP and 1 from 'grant_access' call.
    assert_equal(3, user.groups.all().count(), user.groups.all())
  finally:
    settings.MIDDLEWARE_CLASSES.remove('useradmin.middleware.LdapSynchronizationMiddleware')

    for finish in reset:
      finish()

コード例 #6

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_useradmin_ldap_user_group_membership_sync():
  settings.MIDDLEWARE_CLASSES.append('useradmin.middleware.LdapSynchronizationMiddleware')

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()
  # Make sure LDAP groups exist or they won't sync
  import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
  import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'Test Administrators', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    # Import curly who is part of TestUsers and Test Administrators
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'curly', sync_groups=False, import_by_dn=False)

    # Set a password so that we can login
    user = User.objects.get(username='******')
    user.set_password('test')
    user.save()

    # Should have 0 groups
    assert_equal(0, user.groups.all().count())

    # Make an authenticated request as curly so that we can see call middleware.
    c = make_logged_in_client('curly', 'test', is_superuser=False)
    grant_access("curly", "test", "useradmin")
    response = c.get('/useradmin/users')

    # Refresh user groups
    user = User.objects.get(username='******')

    # Should have 3 groups now. 2 from LDAP and 1 from 'grant_access' call.
    assert_equal(3, user.groups.all().count(), user.groups.all())

    # Now remove a group and try again.
    old_group = ldap_access.CACHED_LDAP_CONN._instance.users['curly']['groups'].pop()

    # Make an authenticated request as curly so that we can see call middleware.
    response = c.get('/useradmin/users')

    # Refresh user groups
    user = User.objects.get(username='******')

    # Should have 2 groups now. 1 from LDAP and 1 from 'grant_access' call.
    assert_equal(3, user.groups.all().count(), user.groups.all())
  finally:
    settings.MIDDLEWARE_CLASSES.remove('useradmin.middleware.LdapSynchronizationMiddleware')

    for finish in reset:
      finish()

コード例 #7

def test_add_ldap_groups():
    URL = reverse(add_ldap_groups)

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    c = make_logged_in_client(username='******', is_superuser=True)

    reset = []

    # Set to nonsensical value just to force new config usage.
    # Should continue to use cached connection.
    reset.append(
        desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

    try:

        assert_true(c.get(URL))

        response = c.post(
            URL, dict(server='nonsense', groupname_pattern='TestUsers'))
        assert_true('Location' in response, response)
        assert_true('/useradmin/groups' in response['Location'])

        # Test with space
        response = c.post(
            URL,
            dict(server='nonsense', groupname_pattern='Test Administrators'))
        assert_true('Location' in response, response)
        assert_true('/useradmin/groups' in response['Location'], response)

        response = c.post(
            URL,
            dict(
                server='nonsense',
                groupname_pattern='toolongnametoolongnametoolongnametoolongname'
                'toolongnametoolongnametoolongnametoolongname'
                'toolongnametoolongnametoolongnametoolongname'
                'toolongnametoolongnametoolongnametoolongname'
                'toolongnametoolongnametoolongnametoolongname'
                'toolongnametoolongnametoolongnametoolongname'))
        assert_true(
            'Ensure this value has at most 256 characters'
            in response.context['form'].errors['groupname_pattern'][0],
            response)

        # Test wild card
        response = c.post(URL, dict(server='nonsense',
                                    groupname_pattern='*r*'))
        assert_true('/useradmin/groups' in response['Location'], response)
    finally:
        for finish in reset:
            finish()

コード例 #8

def test_ensure_home_directory_add_ldap_users():
    URL = reverse(add_ldap_users)

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    cluster = pseudo_hdfs4.shared_cluster()
    c = make_logged_in_client(cluster.superuser, is_superuser=True)
    cluster.fs.setuser(cluster.superuser)

    assert_true(c.get(URL))

    response = c.post(
        URL, dict(username_pattern='moe', password1='test', password2='test'))
    assert_true('/useradmin/users' in response['Location'])
    assert_false(cluster.fs.exists('/user/moe'))

    # Try same thing with home directory creation.
    response = c.post(
        URL,
        dict(username_pattern='curly',
             password1='test',
             password2='test',
             ensure_home_directory=True))
    assert_true('/useradmin/users' in response['Location'])
    assert_true(cluster.fs.exists('/user/curly'))

    response = c.post(
        URL,
        dict(username_pattern='bad_name', password1='test', password2='test'))
    assert_true(
        'Could not' in response.context['form'].errors['username_pattern'][0])
    assert_false(cluster.fs.exists('/user/bad_name'))

    # See if moe, who did not ask for his home directory, has a home directory.
    assert_false(cluster.fs.exists('/user/moe'))

    # Try wild card now
    response = c.post(
        URL,
        dict(username_pattern='*r*',
             password1='test',
             password2='test',
             ensure_home_directory=True))
    assert_true('/useradmin/users' in response['Location'])
    assert_true(cluster.fs.exists('/user/curly'))
    assert_true(cluster.fs.exists(u'/user/lårry'))
    assert_true(cluster.fs.exists('/user/otherguy'))

    # Clean up
    cluster.fs.rmtree('/user/curly')
    cluster.fs.rmtree(u'/user/lårry')
    cluster.fs.rmtree('/user/otherguy')

コード例 #9

def test_add_ldap_users():
  done = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  done.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    URL = reverse(add_ldap_users)

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    c = make_logged_in_client('test', is_superuser=True)

    assert_true(c.get(URL))

    response = c.post(URL, dict(server='nonsense', username_pattern='moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)

    response = c.post(URL, dict(server='nonsense', username_pattern='bad_name', password1='test', password2='test'))
    assert_true('Could not' in response.context['form'].errors['username_pattern'][0], response)

    # Test wild card
    response = c.post(URL, dict(server='nonsense', username_pattern='*r*', password1='test', password2='test'))
    assert_true('/useradmin/users' in response['Location'], response)

    # Test ignore case
    done.append(desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
    User.objects.filter(username='******').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(server='nonsense', username_pattern='Moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test lower case
    done.append(desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))
    User.objects.filter(username__iexact='Rock').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(server='nonsense', username_pattern='rock', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

  finally:
    for finish in done:
      finish()

コード例 #10

ファイル: test_ldap.py プロジェクト: cyc821211/hue

def test_ensure_home_directory_add_ldap_users():
  URL = reverse(add_ldap_users)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  cluster = pseudo_hdfs4.shared_cluster()
  c = make_logged_in_client(cluster.superuser, is_superuser=True)
  cluster.fs.setuser(cluster.superuser)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    assert_true(c.get(URL))

    response = c.post(URL, dict(server='nonsense', username_pattern='moe', password1='test', password2='test'))
    assert_true('/useradmin/users' in response['Location'])
    assert_false(cluster.fs.exists('/user/moe'))

    # Try same thing with home directory creation.
    response = c.post(URL, dict(server='nonsense', username_pattern='curly', password1='test', password2='test', ensure_home_directory=True))
    assert_true('/useradmin/users' in response['Location'])
    assert_true(cluster.fs.exists('/user/curly'))

    response = c.post(URL, dict(server='nonsense', username_pattern='bad_name', password1='test', password2='test'))
    assert_true('Could not' in response.context['form'].errors['username_pattern'][0])
    assert_false(cluster.fs.exists('/user/bad_name'))

    # See if moe, who did not ask for his home directory, has a home directory.
    assert_false(cluster.fs.exists('/user/moe'))

    # Try wild card now
    response = c.post(URL, dict(server='nonsense', username_pattern='*rr*', password1='test', password2='test', ensure_home_directory=True))
    assert_true('/useradmin/users' in response['Location'])
    assert_true(cluster.fs.exists('/user/curly'))
    assert_true(cluster.fs.exists(u'/user/lårry'))
    assert_false(cluster.fs.exists('/user/otherguy'))
  finally:
    # Clean up
    for finish in reset:
      finish()

    if cluster.fs.exists('/user/curly'):
      cluster.fs.rmtree('/user/curly')
    if cluster.fs.exists(u'/user/lårry'):
      cluster.fs.rmtree(u'/user/lårry')
    if cluster.fs.exists('/user/otherguy'):
      cluster.fs.rmtree('/user/otherguy')

コード例 #11

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_ensure_home_directory_add_ldap_users():
  URL = reverse(add_ldap_users)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  cluster = pseudo_hdfs4.shared_cluster()
  c = make_logged_in_client(cluster.superuser, is_superuser=True)
  cluster.fs.setuser(cluster.superuser)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    assert_true(c.get(URL))

    response = c.post(URL, dict(server='nonsense', username_pattern='moe', password1='test', password2='test'))
    assert_true('/useradmin/users' in response['Location'])
    assert_false(cluster.fs.exists('/user/moe'))

    # Try same thing with home directory creation.
    response = c.post(URL, dict(server='nonsense', username_pattern='curly', password1='test', password2='test', ensure_home_directory=True))
    assert_true('/useradmin/users' in response['Location'])
    assert_true(cluster.fs.exists('/user/curly'))

    response = c.post(URL, dict(server='nonsense', username_pattern='bad_name', password1='test', password2='test'))
    assert_true('Could not' in response.context['form'].errors['username_pattern'][0])
    assert_false(cluster.fs.exists('/user/bad_name'))

    # See if moe, who did not ask for his home directory, has a home directory.
    assert_false(cluster.fs.exists('/user/moe'))

    # Try wild card now
    response = c.post(URL, dict(server='nonsense', username_pattern='*rr*', password1='test', password2='test', ensure_home_directory=True))
    assert_true('/useradmin/users' in response['Location'])
    assert_true(cluster.fs.exists('/user/curly'))
    assert_true(cluster.fs.exists(u'/user/lårry'))
    assert_false(cluster.fs.exists('/user/otherguy'))
  finally:
    # Clean up
    for finish in reset:
      finish()

    if cluster.fs.exists('/user/curly'):
      cluster.fs.rmtree('/user/curly')
    if cluster.fs.exists(u'/user/lårry'):
      cluster.fs.rmtree(u'/user/lårry')
    if cluster.fs.exists('/user/otherguy'):
      cluster.fs.rmtree('/user/otherguy')

コード例 #12

    def test_add_ldap_users_case_sensitivity(self):
        if is_live_cluster():
            raise SkipTest(
                'HUE-2897: Cannot yet guarantee database is case sensitive')

        done = []
        try:
            URL = reverse(add_ldap_users)

            reset_all_users()
            reset_all_groups()

            # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
            ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

            c = make_logged_in_client('test', is_superuser=True)

            # Test ignore case
            done.append(
                desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
            User.objects.filter(username='******').delete()
            assert_false(User.objects.filter(username='******').exists())
            assert_false(User.objects.filter(username='******').exists())
            response = c.post(
                URL,
                dict(username_pattern='Moe',
                     password1='test',
                     password2='test'))
            assert_true('Location' in response, response)
            assert_true('/useradmin/users' in response['Location'], response)
            assert_false(User.objects.filter(username='******').exists())
            assert_true(User.objects.filter(username='******').exists())

            # Test lower case
            done.append(
                desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(
                    True))
            User.objects.filter(username__iexact='Rock').delete()
            assert_false(User.objects.filter(username='******').exists())
            assert_false(User.objects.filter(username='******').exists())
            response = c.post(
                URL,
                dict(username_pattern='rock',
                     password1='test',
                     password2='test'))
            assert_true('Location' in response, response)
            assert_true('/useradmin/users' in response['Location'], response)
            assert_false(User.objects.filter(username='******').exists())
            assert_true(User.objects.filter(username='******').exists())
        finally:
            for finish in done:
                finish()

コード例 #13

ファイル: test_ldap_deprecated.py プロジェクト: sanjeevtripurari/hue

def test_useradmin_ldap_case_sensitivity():
    if is_live_cluster():
        raise SkipTest(
            'HUE-2897: Cannot yet guarantee database is case sensitive')

    done = []
    try:
        reset_all_users()
        reset_all_groups()

        # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
        ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

        # Test import case sensitivity
        done.append(
            desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'Lårry',
                          sync_groups=False,
                          import_by_dn=False)
        assert_false(User.objects.filter(username='******').exists())
        assert_true(User.objects.filter(username='******').exists())

        # Test lower case
        User.objects.filter(username__iexact='Rock').delete()
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'Rock',
                          sync_groups=False,
                          import_by_dn=False)
        assert_false(User.objects.filter(username='******').exists())
        assert_true(User.objects.filter(username='******').exists())

        done.append(
            desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))

        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'Rock',
                          sync_groups=False,
                          import_by_dn=False)
        assert_false(User.objects.filter(username='******').exists())
        assert_true(User.objects.filter(username='******').exists())

        User.objects.filter(username='******').delete()
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'Rock',
                          sync_groups=False,
                          import_by_dn=False)
        assert_false(User.objects.filter(username='******').exists())
        assert_true(User.objects.filter(username='******').exists())
    finally:
        for finish in done:
            finish()

コード例 #14

def test_sync_ldap_users_groups():
  URL = reverse(sync_ldap_users_groups)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  c = make_logged_in_client('test', is_superuser=True)

  assert_true(c.get(URL))
  assert_true(c.post(URL))

コード例 #15

def test_useradmin_ldap_user_group_membership_sync():
    settings.MIDDLEWARE_CLASSES.append(
        'useradmin.middleware.LdapSynchronizationMiddleware')

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    try:
        # Import curly who is part of TestUsers and Test Administrators
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'curly',
                          sync_groups=False,
                          import_by_dn=False)

        # Set a password so that we can login
        user = User.objects.get(username='******')
        user.set_password('test')
        user.save()

        # Should have 0 groups
        assert_equal(0, user.groups.all().count())

        # Make an authenticated request as curly so that we can see call middleware.
        c = make_logged_in_client('curly', 'test', is_superuser=False)
        grant_access("curly", "test", "useradmin")
        response = c.get('/useradmin/users')

        # Refresh user groups
        user = User.objects.get(username='******')

        # Should have 3 groups now. 2 from LDAP and 1 from 'grant_access' call.
        assert_equal(3, user.groups.all().count(), user.groups.all())

        # Now remove a group and try again.
        old_group = ldap_access.CACHED_LDAP_CONN._instance.users['curly'][
            'groups'].pop()

        # Make an authenticated request as curly so that we can see call middleware.
        response = c.get('/useradmin/users')

        # Refresh user groups
        user = User.objects.get(username='******')

        # Should have 2 groups now. 1 from LDAP and 1 from 'grant_access' call.
        assert_equal(3, user.groups.all().count(), user.groups.all())
    finally:
        settings.MIDDLEWARE_CLASSES.remove(
            'useradmin.middleware.LdapSynchronizationMiddleware')

コード例 #16

def test_ldap_exception_handling():
  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  class LdapTestConnectionError(LdapTestConnection):
    def find_users(self, user, find_by_dn=False):
      raise ldap.LDAPError('No such object')
  ldap_access.CACHED_LDAP_CONN = LdapTestConnectionError()

  c = make_logged_in_client('test', is_superuser=True)

  response = c.post(reverse(add_ldap_users), dict(username_pattern='moe', password1='test', password2='test'), follow=True)
  assert_true('There was an error when communicating with LDAP' in response.content, response)

コード例 #17

ファイル: test_ldap_deprecated.py プロジェクト: neiodavince/hue

def test_useradmin_ldap_user_integration():
  done = []
  try:
    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    # Try importing a user
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'lårry', sync_groups=False, import_by_dn=False)
    larry = User.objects.get(username='******')
    assert_true(larry.first_name == 'Larry')
    assert_true(larry.last_name == 'Stooge')
    assert_true(larry.email == '*****@*****.**')
    assert_true(get_profile(larry).creation_method == str(UserProfile.CreationMethod.EXTERNAL))

    # Should be a noop
    sync_ldap_users(ldap_access.CACHED_LDAP_CONN)
    sync_ldap_groups(ldap_access.CACHED_LDAP_CONN)
    assert_equal(User.objects.all().count(), 1)
    assert_equal(Group.objects.all().count(), 0)

    # Make sure that if a Hue user already exists with a naming collision, we
    # won't overwrite any of that user's information.
    hue_user = User.objects.create(username='******', first_name='Different', last_name='Guy')
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'otherguy', sync_groups=False, import_by_dn=False)
    hue_user = User.objects.get(username='******')
    assert_equal(get_profile(hue_user).creation_method, str(UserProfile.CreationMethod.HUE))
    assert_equal(hue_user.first_name, 'Different')

    # Make sure LDAP groups exist or they won't sync
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'Test Administrators', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
    # Try importing a user and sync groups
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'curly', sync_groups=True, import_by_dn=False)
    curly = User.objects.get(username='******')
    assert_equal(curly.first_name, 'Curly')
    assert_equal(curly.last_name, 'Stooge')
    assert_equal(curly.email, '*****@*****.**')
    assert_equal(get_profile(curly).creation_method, str(UserProfile.CreationMethod.EXTERNAL))
    assert_equal(2, curly.groups.all().count(), curly.groups.all())

    reset_all_users()
    reset_all_groups()
  finally:
    for finish in done:
      finish()

コード例 #18

def test_ensure_home_directory_sync_ldap_users_groups():
  URL = reverse(sync_ldap_users_groups)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  cluster = pseudo_hdfs4.shared_cluster()
  c = make_logged_in_client(cluster.superuser, is_superuser=True)
  cluster.fs.setuser(cluster.superuser)

  c.post(reverse(add_ldap_users), dict(username_pattern='curly', password1='test', password2='test'))
  assert_false(cluster.fs.exists('/user/curly'))
  assert_true(c.post(URL, dict(ensure_home_directory=True)))
  assert_true(cluster.fs.exists('/user/curly'))

コード例 #19

ファイル: test_ldap_deprecated.py プロジェクト: QLGu/hue

def test_ensure_home_directory_add_ldap_users():
  try:
    URL = reverse(add_ldap_users)

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    cluster = pseudo_hdfs4.shared_cluster()
    c = make_logged_in_client(cluster.superuser, is_superuser=True)
    cluster.fs.setuser(cluster.superuser)

    assert_true(c.get(URL))

    response = c.post(URL, dict(username_pattern='moe', password1='test', password2='test'))
    assert_true('/useradmin/users' in response['Location'])
    assert_false(cluster.fs.exists('/user/moe'))

    # Try same thing with home directory creation.
    response = c.post(URL, dict(username_pattern='curly', password1='test', password2='test', ensure_home_directory=True))
    assert_true('/useradmin/users' in response['Location'])
    assert_true(cluster.fs.exists('/user/curly'))

    response = c.post(URL, dict(username_pattern='bad_name', password1='test', password2='test'))
    assert_true('Could not' in response.context['form'].errors['username_pattern'][0])
    assert_false(cluster.fs.exists('/user/bad_name'))

    # See if moe, who did not ask for his home directory, has a home directory.
    assert_false(cluster.fs.exists('/user/moe'))

    # Try wild card now
    response = c.post(URL, dict(username_pattern='*rr*', password1='test', password2='test', ensure_home_directory=True))
    assert_true('/useradmin/users' in response['Location'])
    assert_true(cluster.fs.exists('/user/curly'))
    assert_true(cluster.fs.exists(u'/user/lårry'))
    assert_false(cluster.fs.exists('/user/otherguy'))
  finally:
    # Clean up
    if cluster.fs.exists('/user/curly'):
      cluster.fs.rmtree('/user/curly')
    if cluster.fs.exists(u'/user/lårry'):
      cluster.fs.rmtree(u'/user/lårry')
    if cluster.fs.exists('/user/otherguy'):
      cluster.fs.rmtree('/user/otherguy')

コード例 #20

ファイル: test_ldap_deprecated.py プロジェクト: OpenPOWER-BigData/HDP-hue

def test_useradmin_ldap_user_group_membership_sync():
  settings.MIDDLEWARE_CLASSES.append('useradmin.middleware.LdapSynchronizationMiddleware')

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  try:
    # Import curly who is part of TestUsers and Test Administrators
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'curly', sync_groups=False, import_by_dn=False)

    # Set a password so that we can login
    user = User.objects.get(username='******')
    user.set_password('test')
    user.save()

    # Should have 0 groups
    assert_equal(0, user.groups.all().count())

    # Make an authenticated request as curly so that we can see call middleware.
    c = make_logged_in_client('curly', 'test', is_superuser=False)
    grant_access("curly", "test", "useradmin")
    response = c.get('/useradmin/users')

    # Refresh user groups
    user = User.objects.get(username='******')

    # Should have 3 groups now. 2 from LDAP and 1 from 'grant_access' call.
    assert_equal(3, user.groups.all().count(), user.groups.all())

    # Now remove a group and try again.
    old_group = ldap_access.CACHED_LDAP_CONN._instance.users['curly']['groups'].pop()

    # Make an authenticated request as curly so that we can see call middleware.
    response = c.get('/useradmin/users')

    # Refresh user groups
    user = User.objects.get(username='******')

    # Should have 2 groups now. 1 from LDAP and 1 from 'grant_access' call.
    assert_equal(3, user.groups.all().count(), user.groups.all())
  finally:
    settings.MIDDLEWARE_CLASSES.remove('useradmin.middleware.LdapSynchronizationMiddleware')

コード例 #21

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_add_ldap_groups():
  URL = reverse(add_ldap_groups)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  c = make_logged_in_client(username='******', is_superuser=True)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:

    assert_true(c.get(URL))

    response = c.post(URL, dict(server='nonsense', groupname_pattern='TestUsers'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/groups' in response['Location'])

    # Test with space
    response = c.post(URL, dict(server='nonsense', groupname_pattern='Test Administrators'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/groups' in response['Location'], response)

    response = c.post(URL, dict(server='nonsense', groupname_pattern='toolongnametoolongnametoolongnametoolongname'
                                                                     'toolongnametoolongnametoolongnametoolongname'
                                                                     'toolongnametoolongnametoolongnametoolongname'
                                                                     'toolongnametoolongnametoolongnametoolongname'
                                                                     'toolongnametoolongnametoolongnametoolongname'
                                                                     'toolongnametoolongnametoolongnametoolongname'))
    assert_true('Ensure this value has at most 256 characters' in response.context['form'].errors['groupname_pattern'][0], response)

    # Test wild card
    response = c.post(URL, dict(server='nonsense', groupname_pattern='*r*'))
    assert_true('/useradmin/groups' in response['Location'], response)
  finally:
    for finish in reset:
      finish()

コード例 #22

ファイル: test_ldap_deprecated.py プロジェクト: neiodavince/hue

def test_add_ldap_users():
  done = []
  try:
    URL = reverse(add_ldap_users)

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    c = make_logged_in_client('test', is_superuser=True)

    assert_true(c.get(URL))

    response = c.post(URL, dict(username_pattern='moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)

    response = c.post(URL, dict(username_pattern='bad_name', password1='test', password2='test'))
    assert_true('Could not' in response.context['form'].errors['username_pattern'][0], response)

    # Test wild card
    response = c.post(URL, dict(username_pattern='*rr*', password1='test', password2='test'))
    assert_true('/useradmin/users' in response['Location'], response)

    # Test regular with spaces (should fail)
    response = c.post(URL, dict(username_pattern='user with space', password1='test', password2='test'))
    assert_true("Username must not contain whitespaces and ':'" in response.context['form'].errors['username_pattern'][0], response)

    # Test dn with spaces in username and dn (should fail)
    response = c.post(URL, dict(username_pattern='uid=user with space,ou=People,dc=example,dc=com', password1='test', password2='test', dn=True))
    assert_true("Could not get LDAP details for users in pattern" in response.content, response)
    response = c.get(reverse(desktop.views.log_view))
    assert_true("{username}: Username must not contain whitespaces".format(username='******') in response.content, response.content)

    # Test dn with spaces in dn, but not username (should succeed)
    response = c.post(URL, dict(username_pattern='uid=user without space,ou=People,dc=example,dc=com', password1='test', password2='test', dn=True))
    assert_true(User.objects.filter(username='******').exists())

  finally:
    for finish in done:
      finish()

コード例 #23

ファイル: test_ldap_deprecated.py プロジェクト: neiodavince/hue

def test_add_ldap_users_case_sensitivity():
  if is_live_cluster():
    raise SkipTest('HUE-2897: Cannot yet guarantee database is case sensitive')

  done = []
  try:
    URL = reverse(add_ldap_users)

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    c = make_logged_in_client('test', is_superuser=True)

    # Test ignore case
    done.append(desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
    User.objects.filter(username='******').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(username_pattern='Moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test lower case
    done.append(desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))
    User.objects.filter(username__iexact='Rock').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(username_pattern='rock', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())
  finally:
    for finish in done:
      finish()

コード例 #24

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_sync_ldap_users_groups():
  URL = reverse(sync_ldap_users_groups)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  c = make_logged_in_client('test', is_superuser=True)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    assert_true(c.get(URL))
    assert_true(c.post(URL))
  finally:
    for finish in reset:
      finish()

コード例 #25

ファイル: test_ldap.py プロジェクト: cyc821211/hue

def test_sync_ldap_users_groups():
  URL = reverse(sync_ldap_users_groups)

  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  c = make_logged_in_client('test', is_superuser=True)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    assert_true(c.get(URL))
    assert_true(c.post(URL))
  finally:
    for finish in reset:
      finish()

コード例 #26

ファイル: test_ldap_deprecated.py プロジェクト: neiodavince/hue

def test_useradmin_ldap_case_sensitivity():
  if is_live_cluster():
    raise SkipTest('HUE-2897: Cannot yet guarantee database is case sensitive')

  done = []
  try:
    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    # Test import case sensitivity
    done.append(desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Lårry', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test lower case
    User.objects.filter(username__iexact='Rock').delete()
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Rock', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    done.append(desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))

    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Rock', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    User.objects.filter(username='******').delete()
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Rock', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())
  finally:
    for finish in done:
      finish()

コード例 #27

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_ldap_exception_handling():
  reset_all_users()
  reset_all_groups()

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  class LdapTestConnectionError(LdapTestConnection):
    def find_users(self, user, find_by_dn=False):
      raise ldap.LDAPError('No such object')
  ldap_access.CACHED_LDAP_CONN = LdapTestConnectionError()

  c = make_logged_in_client('test', is_superuser=True)

  reset = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    response = c.post(reverse(add_ldap_users), dict(server='nonsense', username_pattern='moe', password1='test', password2='test'), follow=True)
    assert_true('There was an error when communicating with LDAP' in response.content, response)
  finally:
    for finish in reset:
      finish()

コード例 #28

    def test_useradmin_ldap_user_integration(self):
        done = []
        try:
            # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
            ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

            # Try importing a user
            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'lårry',
                              sync_groups=False,
                              import_by_dn=False)
            larry = User.objects.get(username='******')
            assert_true(larry.first_name == 'Larry')
            assert_true(larry.last_name == 'Stooge')
            assert_true(larry.email == '*****@*****.**')
            assert_true(
                get_profile(larry).creation_method ==
                UserProfile.CreationMethod.EXTERNAL.name)

            # Should be a noop
            sync_ldap_users(ldap_access.CACHED_LDAP_CONN)
            sync_ldap_groups(ldap_access.CACHED_LDAP_CONN)
            assert_equal(User.objects.all().count(), 1)
            assert_equal(Group.objects.all().count(), 0)

            # Make sure that if a Hue user already exists with a naming collision, we
            # won't overwrite any of that user's information.
            hue_user = User.objects.create(username='******',
                                           first_name='Different',
                                           last_name='Guy')
            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'otherguy',
                              sync_groups=False,
                              import_by_dn=False)
            hue_user = User.objects.get(username='******')
            assert_equal(
                get_profile(hue_user).creation_method,
                UserProfile.CreationMethod.HUE.name)
            assert_equal(hue_user.first_name, 'Different')

            # Make sure LDAP groups exist or they won't sync
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'TestUsers',
                               import_members=False,
                               import_members_recursive=False,
                               sync_users=False,
                               import_by_dn=False)
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'Test Administrators',
                               import_members=False,
                               import_members_recursive=False,
                               sync_users=False,
                               import_by_dn=False)
            # Try importing a user and sync groups
            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'curly',
                              sync_groups=True,
                              import_by_dn=False)
            curly = User.objects.get(username='******')
            assert_equal(curly.first_name, 'Curly')
            assert_equal(curly.last_name, 'Stooge')
            assert_equal(curly.email, '*****@*****.**')
            assert_equal(
                get_profile(curly).creation_method,
                UserProfile.CreationMethod.EXTERNAL.name)
            assert_equal(2, curly.groups.all().count(), curly.groups.all())

            reset_all_users()
            reset_all_groups()
        finally:
            for finish in done:
                finish()

コード例 #29

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_add_ldap_users():
  if is_live_cluster():
    raise SkipTest('HUE-2897: Skipping because the DB may not be case sensitive')

  done = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  done.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    URL = reverse(add_ldap_users)

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    c = make_logged_in_client('test', is_superuser=True)

    assert_true(c.get(URL))

    response = c.post(URL, dict(server='nonsense', username_pattern='moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)

    response = c.post(URL, dict(server='nonsense', username_pattern='bad_name', password1='test', password2='test'))
    assert_true('Could not' in response.context['form'].errors['username_pattern'][0], response)

    # Test wild card
    response = c.post(URL, dict(server='nonsense', username_pattern='*rr*', password1='test', password2='test'))
    assert_true('/useradmin/users' in response['Location'], response)

    # Test ignore case
    done.append(desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
    User.objects.filter(username='******').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(server='nonsense', username_pattern='Moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test lower case
    done.append(desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))
    User.objects.filter(username__iexact='Rock').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(server='nonsense', username_pattern='rock', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test regular with spaces (should fail)
    response = c.post(URL, dict(server='nonsense', username_pattern='user with space', password1='test', password2='test'))
    assert_true("Username must not contain whitespaces and ':'" in response.context['form'].errors['username_pattern'][0], response)

    # Test dn with spaces in username and dn (should fail)
    response = c.post(URL, dict(server='nonsense', username_pattern='uid=user with space,ou=People,dc=example,dc=com', password1='test', password2='test', dn=True))
    assert_true("Could not get LDAP details for users in pattern" in response.content, response.content)
    response = c.get(reverse(desktop.views.log_view))
    assert_true("{username}: Username must not contain whitespaces".format(username='******') in response.content, response.content)

    # Test dn with spaces in dn, but not username (should succeed)
    response = c.post(URL, dict(server='nonsense', username_pattern='uid=user without space,ou=People,dc=example,dc=com', password1='test', password2='test', dn=True))
    assert_true(User.objects.filter(username='******').exists())

  finally:
    for finish in done:
      finish()

コード例 #30

def test_useradmin_ldap_nested_group_integration():
  if is_live_cluster():
    raise SkipTest('HUE-2897: Skipping because DB may not support unicode')

  reset_all_users()
  reset_all_groups()

  reset = []

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  # Test old subgroups
  reset.append(desktop.conf.LDAP.SUBGROUPS.set_for_testing("nested"))

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    # Import groups only
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
    test_users = Group.objects.get(name='TestUsers')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 0)

    # Import all members of TestUsers
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    test_users = Group.objects.get(name='TestUsers')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 3)

    # Should import a group, but will only sync already-imported members
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'Test Administrators', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(User.objects.all().count(), 3)
    assert_equal(Group.objects.all().count(), 2)
    test_admins = Group.objects.get(name='Test Administrators')
    assert_equal(test_admins.user_set.all().count(), 2)
    larry = User.objects.get(username='******')
    assert_equal(test_admins.user_set.all()[0].username, larry.username)

    # Only sync already imported
    assert_equal(test_users.user_set.all().count(), 3)
    ldap_access.CACHED_LDAP_CONN.remove_user_group_for_test('uid=moe,ou=People,dc=example,dc=com', 'TestUsers')
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(test_users.user_set.all().count(), 2)
    assert_equal(User.objects.get(username='******').groups.all().count(), 0)

    # Import missing user
    ldap_access.CACHED_LDAP_CONN.add_user_group_for_test('uid=moe,ou=People,dc=example,dc=com', 'TestUsers')
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(test_users.user_set.all().count(), 3)
    assert_equal(User.objects.get(username='******').groups.all().count(), 1)

    # Import all members of TestUsers and not members of suboordinate groups (even though specified)
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=True, import_members_recursive=True, sync_users=True, import_by_dn=False)
    test_users = Group.objects.get(name='TestUsers')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 3)

    # Nested group import
    # First without recursive import, then with.
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'NestedGroups', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    nested_groups = Group.objects.get(name='NestedGroups')
    nested_group = Group.objects.get(name='NestedGroup')
    assert_true(LdapGroup.objects.filter(group=nested_groups).exists())
    assert_true(LdapGroup.objects.filter(group=nested_group).exists())
    assert_equal(nested_groups.user_set.all().count(), 0, nested_groups.user_set.all())
    assert_equal(nested_group.user_set.all().count(), 0, nested_group.user_set.all())

    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'NestedGroups', import_members=True, import_members_recursive=True, sync_users=True, import_by_dn=False)
    nested_groups = Group.objects.get(name='NestedGroups')
    nested_group = Group.objects.get(name='NestedGroup')
    assert_true(LdapGroup.objects.filter(group=nested_groups).exists())
    assert_true(LdapGroup.objects.filter(group=nested_group).exists())
    assert_equal(nested_groups.user_set.all().count(), 0, nested_groups.user_set.all())
    assert_equal(nested_group.user_set.all().count(), 1, nested_group.user_set.all())

    # Make sure Hue groups with naming collisions don't get marked as LDAP groups
    hue_user = User.objects.create(username='******', first_name='Different', last_name='Guy')
    hue_group = Group.objects.create(name='OtherGroup')
    hue_group.user_set.add(hue_user)
    hue_group.save()
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'OtherGroup', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_false(LdapGroup.objects.filter(group=hue_group).exists())
    assert_true(hue_group.user_set.filter(username=hue_user.username).exists())
  finally:
    for finish in reset:
      finish()

コード例 #31

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_useradmin_ldap_nested_posix_group_integration():
  reset_all_users()
  reset_all_groups()

  reset = []

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  # Test nested groups
  reset.append(desktop.conf.LDAP.SUBGROUPS.set_for_testing("nested"))

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    # Import groups only
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'PosixGroup', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
    test_users = Group.objects.get(name='PosixGroup')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 0)

    # Import all members of TestUsers
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'PosixGroup', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    test_users = Group.objects.get(name='PosixGroup')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 2)

    # Should import a group, but will only sync already-imported members
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'Test Administrators', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(User.objects.all().count(), 2, User.objects.all())
    assert_equal(Group.objects.all().count(), 2, Group.objects.all())
    test_admins = Group.objects.get(name='Test Administrators')
    assert_equal(test_admins.user_set.all().count(), 1)
    larry = User.objects.get(username='******')
    assert_equal(test_admins.user_set.all()[0].username, larry.username)

    # Only sync already imported
    ldap_access.CACHED_LDAP_CONN.remove_posix_user_group_for_test('posix_person', 'PosixGroup')
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'PosixGroup', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(test_users.user_set.all().count(), 1)
    assert_equal(User.objects.get(username='******').groups.all().count(), 0)

    # Import missing user
    ldap_access.CACHED_LDAP_CONN.add_posix_user_group_for_test('posix_person', 'PosixGroup')
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'PosixGroup', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(test_users.user_set.all().count(), 2)
    assert_equal(User.objects.get(username='******').groups.all().count(), 1)

    # Import all members of PosixGroup and members of subgroups (there should be no subgroups)
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'PosixGroup', import_members=True, import_members_recursive=True, sync_users=True, import_by_dn=False)
    test_users = Group.objects.get(name='PosixGroup')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 2)

    # Import all members of NestedPosixGroups and members of subgroups
    reset_all_users()
    reset_all_groups()
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'NestedPosixGroups', import_members=True, import_members_recursive=True, sync_users=True, import_by_dn=False)
    test_users = Group.objects.get(name='NestedPosixGroups')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 0)
    test_users = Group.objects.get(name='PosixGroup')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 2)

    # Make sure Hue groups with naming collisions don't get marked as LDAP groups
    hue_user = User.objects.create(username='******', first_name='Different', last_name='Guy')
    hue_group = Group.objects.create(name='OtherGroup')
    hue_group.user_set.add(hue_user)
    hue_group.save()
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'OtherGroup', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_false(LdapGroup.objects.filter(group=hue_group).exists())
    assert_true(hue_group.user_set.filter(username=hue_user.username).exists())
  finally:
    for finish in reset:
      finish()

コード例 #32

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_useradmin_ldap_user_integration():
  if is_live_cluster():
    raise SkipTest('HUE-2897: Skipping because DB may not support unicode')

  done = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  done.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    # Try importing a user
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'lårry', sync_groups=False, import_by_dn=False)
    larry = User.objects.get(username='******')
    assert_true(larry.first_name == 'Larry')
    assert_true(larry.last_name == 'Stooge')
    assert_true(larry.email == '*****@*****.**')
    assert_true(get_profile(larry).creation_method == str(UserProfile.CreationMethod.EXTERNAL))

    # Should be a noop
    sync_ldap_users(ldap_access.CACHED_LDAP_CONN)
    sync_ldap_groups(ldap_access.CACHED_LDAP_CONN)
    assert_equal(User.objects.all().count(), 1)
    assert_equal(Group.objects.all().count(), 0)

    # Make sure that if a Hue user already exists with a naming collision, we
    # won't overwrite any of that user's information.
    hue_user = User.objects.create(username='******', first_name='Different', last_name='Guy')
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'otherguy', sync_groups=False, import_by_dn=False)
    hue_user = User.objects.get(username='******')
    assert_equal(get_profile(hue_user).creation_method, str(UserProfile.CreationMethod.HUE))
    assert_equal(hue_user.first_name, 'Different')

    # Make sure LDAP groups exist or they won't sync
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'Test Administrators', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
    # Try importing a user and sync groups
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'curly', sync_groups=True, import_by_dn=False)
    curly = User.objects.get(username='******')
    assert_equal(curly.first_name, 'Curly')
    assert_equal(curly.last_name, 'Stooge')
    assert_equal(curly.email, '*****@*****.**')
    assert_equal(get_profile(curly).creation_method, str(UserProfile.CreationMethod.EXTERNAL))
    assert_equal(2, curly.groups.all().count(), curly.groups.all())

    reset_all_users()
    reset_all_groups()

    # Test import case sensitivity
    done.append(desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Lårry', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test lower case
    User.objects.filter(username__iexact='Rock').delete()
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Rock', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    done.append(desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))

    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Rock', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    User.objects.filter(username='******').delete()
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Rock', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())
  finally:
    for finish in done:
      finish()

コード例 #33

ファイル: test_ldap.py プロジェクト: neiodavince/hue

def test_useradmin_ldap_nested_group_integration():
  if is_live_cluster():
    raise SkipTest('HUE-2897: Skipping because DB may not support unicode')

  reset_all_users()
  reset_all_groups()

  reset = []

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  # Test old subgroups
  reset.append(desktop.conf.LDAP.SUBGROUPS.set_for_testing("nested"))

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  reset.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    # Import groups only
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
    test_users = Group.objects.get(name='TestUsers')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 0)

    # Import all members of TestUsers
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    test_users = Group.objects.get(name='TestUsers')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 3)

    # Should import a group, but will only sync already-imported members
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'Test Administrators', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(User.objects.all().count(), 3)
    assert_equal(Group.objects.all().count(), 2)
    test_admins = Group.objects.get(name='Test Administrators')
    assert_equal(test_admins.user_set.all().count(), 2)
    larry = User.objects.get(username='******')
    assert_equal(test_admins.user_set.all()[0].username, larry.username)

    # Only sync already imported
    assert_equal(test_users.user_set.all().count(), 3)
    ldap_access.CACHED_LDAP_CONN.remove_user_group_for_test('uid=moe,ou=People,dc=example,dc=com', 'TestUsers')
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(test_users.user_set.all().count(), 2)
    assert_equal(User.objects.get(username='******').groups.all().count(), 0)

    # Import missing user
    ldap_access.CACHED_LDAP_CONN.add_user_group_for_test('uid=moe,ou=People,dc=example,dc=com', 'TestUsers')
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(test_users.user_set.all().count(), 3)
    assert_equal(User.objects.get(username='******').groups.all().count(), 1)

    # Import all members of TestUsers and not members of suboordinate groups (even though specified)
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=True, import_members_recursive=True, sync_users=True, import_by_dn=False)
    test_users = Group.objects.get(name='TestUsers')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 3)

    # Nested group import
    # First without recursive import, then with.
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'NestedGroups', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    nested_groups = Group.objects.get(name='NestedGroups')
    nested_group = Group.objects.get(name='NestedGroup')
    assert_true(LdapGroup.objects.filter(group=nested_groups).exists())
    assert_true(LdapGroup.objects.filter(group=nested_group).exists())
    assert_equal(nested_groups.user_set.all().count(), 0, nested_groups.user_set.all())
    assert_equal(nested_group.user_set.all().count(), 0, nested_group.user_set.all())

    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'NestedGroups', import_members=True, import_members_recursive=True, sync_users=True, import_by_dn=False)
    nested_groups = Group.objects.get(name='NestedGroups')
    nested_group = Group.objects.get(name='NestedGroup')
    assert_true(LdapGroup.objects.filter(group=nested_groups).exists())
    assert_true(LdapGroup.objects.filter(group=nested_group).exists())
    assert_equal(nested_groups.user_set.all().count(), 0, nested_groups.user_set.all())
    assert_equal(nested_group.user_set.all().count(), 1, nested_group.user_set.all())

    # Make sure Hue groups with naming collisions don't get marked as LDAP groups
    hue_user = User.objects.create(username='******', first_name='Different', last_name='Guy')
    hue_group = Group.objects.create(name='OtherGroup')
    hue_group.user_set.add(hue_user)
    hue_group.save()
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'OtherGroup', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_false(LdapGroup.objects.filter(group=hue_group).exists())
    assert_true(hue_group.user_set.filter(username=hue_user.username).exists())
  finally:
    for finish in reset:
      finish()

コード例 #34

ファイル: test_ldap_deprecated.py プロジェクト: OpenPOWER-BigData/HDP-hue

def test_useradmin_ldap_user_integration():
  done = []
  try:
    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    # Try importing a user
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'lårry', sync_groups=False, import_by_dn=False)
    larry = User.objects.get(username='******')
    assert_true(larry.first_name == 'Larry')
    assert_true(larry.last_name == 'Stooge')
    assert_true(larry.email == '*****@*****.**')
    assert_true(get_profile(larry).creation_method == str(UserProfile.CreationMethod.EXTERNAL))

    # Should be a noop
    sync_ldap_users(ldap_access.CACHED_LDAP_CONN)
    sync_ldap_groups(ldap_access.CACHED_LDAP_CONN)
    assert_equal(User.objects.all().count(), 1)
    assert_equal(Group.objects.all().count(), 0)

    # Make sure that if a Hue user already exists with a naming collision, we
    # won't overwrite any of that user's information.
    hue_user = User.objects.create(username='******', first_name='Different', last_name='Guy')
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'otherguy', sync_groups=False, import_by_dn=False)
    hue_user = User.objects.get(username='******')
    assert_equal(get_profile(hue_user).creation_method, str(UserProfile.CreationMethod.HUE))
    assert_equal(hue_user.first_name, 'Different')

    # Try importing a user and sync groups
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'curly', sync_groups=True, import_by_dn=False)
    curly = User.objects.get(username='******')
    assert_equal(curly.first_name, 'Curly')
    assert_equal(curly.last_name, 'Stooge')
    assert_equal(curly.email, '*****@*****.**')
    assert_equal(get_profile(curly).creation_method, str(UserProfile.CreationMethod.EXTERNAL))
    assert_equal(2, curly.groups.all().count(), curly.groups.all())

    reset_all_users()
    reset_all_groups()

    # Test import case sensitivity
    done.append(desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Lårry', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test lower case
    User.objects.filter(username__iexact='Rock').delete()
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Rock', sync_groups=False, import_by_dn=False)
    assert_true(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())

    done.append(desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))

    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Rock', sync_groups=False, import_by_dn=False)
    assert_true(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())

    User.objects.filter(username='******').delete()
    import_ldap_users(ldap_access.CACHED_LDAP_CONN, 'Rock', sync_groups=False, import_by_dn=False)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())
  finally:
    for finish in done:
      finish()

コード例 #35

def test_add_ldap_users():
  done = []
  try:
    URL = reverse(add_ldap_users)

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    c = make_logged_in_client('test', is_superuser=True)

    assert_true(c.get(URL))

    response = c.post(URL, dict(username_pattern='moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)

    response = c.post(URL, dict(username_pattern='bad_name', password1='test', password2='test'))
    assert_true('Could not' in response.context['form'].errors['username_pattern'][0], response)

    # Test wild card
    response = c.post(URL, dict(username_pattern='*rr*', password1='test', password2='test'))
    assert_true('/useradmin/users' in response['Location'], response)

    # Test ignore case
    done.append(desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
    User.objects.filter(username='******').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(username_pattern='Moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test lower case
    done.append(desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))
    User.objects.filter(username__iexact='Rock').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(username_pattern='rock', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test regular with spaces (should fail)
    response = c.post(URL, dict(username_pattern='user with space', password1='test', password2='test'))
    assert_true("Username must not contain whitespaces and ':'" in response.context['form'].errors['username_pattern'][0], response)

    # Test dn with spaces in username and dn (should fail)
    response = c.post(URL, dict(username_pattern='uid=user with space,ou=People,dc=example,dc=com', password1='test', password2='test', dn=True))
    assert_true("There was a problem with some of the LDAP information" in response.content, response)
    assert_true("Username must not contain whitespaces" in response.content, response)

    # Test dn with spaces in dn, but not username (should succeed)
    response = c.post(URL, dict(username_pattern='uid=user without space,ou=People,dc=example,dc=com', password1='test', password2='test', dn=True))
    assert_true(User.objects.filter(username='******').exists())

  finally:
    for finish in done:
      finish()

コード例 #36

def test_add_ldap_users():
  done = []

  # Set to nonsensical value just to force new config usage.
  # Should continue to use cached connection.
  done.append(desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(get_nonsense_config()))

  try:
    URL = reverse(add_ldap_users)

    reset_all_users()
    reset_all_groups()

    # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
    ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

    c = make_logged_in_client('test', is_superuser=True)

    assert_true(c.get(URL))

    response = c.post(URL, dict(server='nonsense', username_pattern='moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)

    response = c.post(URL, dict(server='nonsense', username_pattern='bad_name', password1='test', password2='test'))
    assert_true('Could not' in response.context['form'].errors['username_pattern'][0], response)

    # Test wild card
    response = c.post(URL, dict(server='nonsense', username_pattern='*rr*', password1='test', password2='test'))
    assert_true('/useradmin/users' in response['Location'], response)

    # Test ignore case
    done.append(desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
    User.objects.filter(username='******').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(server='nonsense', username_pattern='Moe', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test lower case
    done.append(desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))
    User.objects.filter(username__iexact='Rock').delete()
    assert_false(User.objects.filter(username='******').exists())
    assert_false(User.objects.filter(username='******').exists())
    response = c.post(URL, dict(server='nonsense', username_pattern='rock', password1='test', password2='test'))
    assert_true('Location' in response, response)
    assert_true('/useradmin/users' in response['Location'], response)
    assert_false(User.objects.filter(username='******').exists())
    assert_true(User.objects.filter(username='******').exists())

    # Test regular with spaces (should fail)
    response = c.post(URL, dict(server='nonsense', username_pattern='user with space', password1='test', password2='test'))
    assert_true("Username must not contain whitespaces and ':'" in response.context['form'].errors['username_pattern'][0], response)

    # Test dn with spaces in username and dn (should fail)
    response = c.post(URL, dict(server='nonsense', username_pattern='uid=user with space,ou=People,dc=example,dc=com', password1='test', password2='test', dn=True))
    assert_true("Could not get LDAP details for users in pattern" in response.content, response)
    assert_true("Required. 30 characters or fewer with username. 64 characters or fewer with DN. No whitespaces or colons." in response.content, response)

    # # Test dn with spaces in dn, but not username (should succeed)
    # response = c.post(URL, dict(server='nonsense', username_pattern='uid=user without space,ou=People,dc=example,dc=com', password1='test', password2='test', dn=True))
    # assert_true(User.objects.filter(username='******').exists())

  finally:
    for finish in done:
      finish()

コード例 #37

def test_useradmin_ldap_user_integration():
    done = []
    try:
        reset_all_users()
        reset_all_groups()

        # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
        ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

        # Try importing a user
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'lårry',
                          sync_groups=False,
                          import_by_dn=False)
        larry = User.objects.get(username='******')
        assert_true(larry.first_name == 'Larry')
        assert_true(larry.last_name == 'Stooge')
        assert_true(larry.email == '*****@*****.**')
        assert_true(
            get_profile(larry).creation_method == str(
                UserProfile.CreationMethod.EXTERNAL))

        # Should be a noop
        sync_ldap_users(ldap_access.CACHED_LDAP_CONN)
        sync_ldap_groups(ldap_access.CACHED_LDAP_CONN)
        assert_equal(User.objects.all().count(), 1)
        assert_equal(Group.objects.all().count(), 0)

        # Make sure that if a Hue user already exists with a naming collision, we
        # won't overwrite any of that user's information.
        hue_user = User.objects.create(username='******',
                                       first_name='Different',
                                       last_name='Guy')
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'otherguy',
                          sync_groups=False,
                          import_by_dn=False)
        hue_user = User.objects.get(username='******')
        assert_equal(
            get_profile(hue_user).creation_method,
            str(UserProfile.CreationMethod.HUE))
        assert_equal(hue_user.first_name, 'Different')

        # Try importing a user and sync groups
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'curly',
                          sync_groups=True,
                          import_by_dn=False)
        curly = User.objects.get(username='******')
        assert_equal(curly.first_name, 'Curly')
        assert_equal(curly.last_name, 'Stooge')
        assert_equal(curly.email, '*****@*****.**')
        assert_equal(
            get_profile(curly).creation_method,
            str(UserProfile.CreationMethod.EXTERNAL))
        assert_equal(2, curly.groups.all().count(), curly.groups.all())

        reset_all_users()
        reset_all_groups()

        # Test import case sensitivity
        done.append(
            desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'Lårry',
                          sync_groups=False,
                          import_by_dn=False)
        assert_false(User.objects.filter(username='******').exists())
        assert_true(User.objects.filter(username='******').exists())

        # Test lower case
        User.objects.filter(username__iexact='Rock').delete()
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'Rock',
                          sync_groups=False,
                          import_by_dn=False)
        assert_true(User.objects.filter(username='******').exists())
        assert_false(User.objects.filter(username='******').exists())

        done.append(
            desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(True))

        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'Rock',
                          sync_groups=False,
                          import_by_dn=False)
        assert_true(User.objects.filter(username='******').exists())
        assert_false(User.objects.filter(username='******').exists())

        User.objects.filter(username='******').delete()
        import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                          'Rock',
                          sync_groups=False,
                          import_by_dn=False)
        assert_false(User.objects.filter(username='******').exists())
        assert_true(User.objects.filter(username='******').exists())
    finally:
        for finish in done:
            finish()

コード例 #38

    def test_useradmin_ldap_nested_posix_group_integration(self):
        reset = []

        # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
        ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

        # Test nested groups
        reset.append(desktop.conf.LDAP.SUBGROUPS.set_for_testing("nested"))

        # Set to nonsensical value just to force new config usage.
        # Should continue to use cached connection.
        reset.append(
            desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(
                get_nonsense_config()))

        try:
            # Import groups only
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'PosixGroup',
                               import_members=False,
                               import_members_recursive=False,
                               sync_users=False,
                               import_by_dn=False)
            test_users = Group.objects.get(name='PosixGroup')
            assert_true(LdapGroup.objects.filter(group=test_users).exists())
            assert_equal(test_users.user_set.all().count(), 0)

            # Import all members of TestUsers
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'PosixGroup',
                               import_members=True,
                               import_members_recursive=False,
                               sync_users=True,
                               import_by_dn=False)
            test_users = Group.objects.get(name='PosixGroup')
            assert_true(LdapGroup.objects.filter(group=test_users).exists())
            assert_equal(test_users.user_set.all().count(), 2)

            # Should import a group, but will only sync already-imported members
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'Test Administrators',
                               import_members=False,
                               import_members_recursive=False,
                               sync_users=True,
                               import_by_dn=False)
            assert_equal(User.objects.all().count(), 2, User.objects.all())
            assert_equal(Group.objects.all().count(), 2, Group.objects.all())
            test_admins = Group.objects.get(name='Test Administrators')
            assert_equal(test_admins.user_set.all().count(), 1)
            larry = User.objects.get(username='******')
            assert_equal(test_admins.user_set.all()[0].username,
                         larry.username)

            # Only sync already imported
            ldap_access.CACHED_LDAP_CONN.remove_posix_user_group_for_test(
                'posix_person', 'PosixGroup')
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'PosixGroup',
                               import_members=False,
                               import_members_recursive=False,
                               sync_users=True,
                               import_by_dn=False)
            assert_equal(test_users.user_set.all().count(), 1)
            assert_equal(
                User.objects.get(username='******').groups.all().count(),
                0)

            # Import missing user
            ldap_access.CACHED_LDAP_CONN.add_posix_user_group_for_test(
                'posix_person', 'PosixGroup')
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'PosixGroup',
                               import_members=True,
                               import_members_recursive=False,
                               sync_users=True,
                               import_by_dn=False)
            assert_equal(test_users.user_set.all().count(), 2)
            assert_equal(
                User.objects.get(username='******').groups.all().count(),
                1)

            # Import all members of PosixGroup and members of subgroups (there should be no subgroups)
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'PosixGroup',
                               import_members=True,
                               import_members_recursive=True,
                               sync_users=True,
                               import_by_dn=False)
            test_users = Group.objects.get(name='PosixGroup')
            assert_true(LdapGroup.objects.filter(group=test_users).exists())
            assert_equal(test_users.user_set.all().count(), 2)

            # Import all members of NestedPosixGroups and members of subgroups
            reset_all_users()
            reset_all_groups()

            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'NestedPosixGroups',
                               import_members=True,
                               import_members_recursive=True,
                               sync_users=True,
                               import_by_dn=False)
            test_users = Group.objects.get(name='NestedPosixGroups')
            assert_true(LdapGroup.objects.filter(group=test_users).exists())
            assert_equal(test_users.user_set.all().count(), 0)
            test_users = Group.objects.get(name='PosixGroup')
            assert_true(LdapGroup.objects.filter(group=test_users).exists())
            assert_equal(test_users.user_set.all().count(), 2)

            # Make sure Hue groups with naming collisions don't get marked as LDAP groups
            hue_user = User.objects.create(username='******',
                                           first_name='Different',
                                           last_name='Guy')
            hue_group = Group.objects.create(name='OtherGroup')
            hue_group.user_set.add(hue_user)
            hue_group.save()
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'OtherGroup',
                               import_members=False,
                               import_members_recursive=False,
                               sync_users=True,
                               import_by_dn=False)
            assert_false(LdapGroup.objects.filter(group=hue_group).exists())
            assert_true(
                hue_group.user_set.filter(username=hue_user.username).exists())
        finally:
            for finish in reset:
                finish()

コード例 #39

    def test_useradmin_ldap_user_integration(self):
        if is_live_cluster():
            raise SkipTest(
                'HUE-2897: Skipping because the DB may not be case sensitive')

        done = []

        # Set to nonsensical value just to force new config usage.
        # Should continue to use cached connection.
        done.append(
            desktop.conf.LDAP.LDAP_SERVERS.set_for_testing(
                get_nonsense_config()))

        try:
            # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
            ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

            # Try importing a user
            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'lårry',
                              sync_groups=False,
                              import_by_dn=False)
            larry = User.objects.get(username='******')
            assert_true(larry.first_name == 'Larry')
            assert_true(larry.last_name == 'Stooge')
            assert_true(larry.email == '*****@*****.**')
            assert_true(
                get_profile(larry).creation_method == str(
                    UserProfile.CreationMethod.EXTERNAL))

            # Should be a noop
            sync_ldap_users(ldap_access.CACHED_LDAP_CONN)
            sync_ldap_groups(ldap_access.CACHED_LDAP_CONN)
            assert_equal(User.objects.all().count(), 1)
            assert_equal(Group.objects.all().count(), 0)

            # Make sure that if a Hue user already exists with a naming collision, we
            # won't overwrite any of that user's information.
            hue_user = User.objects.create(username='******',
                                           first_name='Different',
                                           last_name='Guy')
            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'otherguy',
                              sync_groups=False,
                              import_by_dn=False)
            hue_user = User.objects.get(username='******')
            assert_equal(
                get_profile(hue_user).creation_method,
                str(UserProfile.CreationMethod.HUE))
            assert_equal(hue_user.first_name, 'Different')

            # Make sure LDAP groups exist or they won't sync
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'TestUsers',
                               import_members=False,
                               import_members_recursive=False,
                               sync_users=False,
                               import_by_dn=False)
            import_ldap_groups(ldap_access.CACHED_LDAP_CONN,
                               'Test Administrators',
                               import_members=False,
                               import_members_recursive=False,
                               sync_users=False,
                               import_by_dn=False)
            # Try importing a user and sync groups
            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'curly',
                              sync_groups=True,
                              import_by_dn=False)
            curly = User.objects.get(username='******')
            assert_equal(curly.first_name, 'Curly')
            assert_equal(curly.last_name, 'Stooge')
            assert_equal(curly.email, '*****@*****.**')
            assert_equal(
                get_profile(curly).creation_method,
                str(UserProfile.CreationMethod.EXTERNAL))
            assert_equal(2, curly.groups.all().count(), curly.groups.all())

            reset_all_users()
            reset_all_groups()

            # Test import case sensitivity
            done.append(
                desktop.conf.LDAP.IGNORE_USERNAME_CASE.set_for_testing(True))
            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'Lårry',
                              sync_groups=False,
                              import_by_dn=False)
            assert_false(User.objects.filter(username='******').exists())
            assert_true(User.objects.filter(username='******').exists())

            # Test lower case
            User.objects.filter(username__iexact='Rock').delete()
            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'Rock',
                              sync_groups=False,
                              import_by_dn=False)
            assert_false(User.objects.filter(username='******').exists())
            assert_true(User.objects.filter(username='******').exists())

            done.append(
                desktop.conf.LDAP.FORCE_USERNAME_LOWERCASE.set_for_testing(
                    True))

            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'Rock',
                              sync_groups=False,
                              import_by_dn=False)
            assert_false(User.objects.filter(username='******').exists())
            assert_true(User.objects.filter(username='******').exists())

            User.objects.filter(username='******').delete()
            import_ldap_users(ldap_access.CACHED_LDAP_CONN,
                              'Rock',
                              sync_groups=False,
                              import_by_dn=False)
            assert_false(User.objects.filter(username='******').exists())
            assert_true(User.objects.filter(username='******').exists())
        finally:
            for finish in done:
                finish()

コード例 #40

def test_useradmin_ldap_suboordinate_group_integration():
  reset_all_users()
  reset_all_groups()

  reset = []

  # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
  ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

  # Test old subgroups
  reset.append(desktop.conf.LDAP.SUBGROUPS.set_for_testing("suboordinate"))

  try:
    # Import groups only
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=False, import_by_dn=False)
    test_users = Group.objects.get(name='TestUsers')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 0)

    # Import all members of TestUsers
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    test_users = Group.objects.get(name='TestUsers')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 3)

    # Should import a group, but will only sync already-imported members
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'Test Administrators', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(User.objects.all().count(), 3)
    assert_equal(Group.objects.all().count(), 2)
    test_admins = Group.objects.get(name='Test Administrators')
    assert_equal(test_admins.user_set.all().count(), 2)
    larry = User.objects.get(username='******')
    assert_equal(test_admins.user_set.all()[0].username, larry.username)

    # Only sync already imported
    ldap_access.CACHED_LDAP_CONN.remove_user_group_for_test('uid=moe,ou=People,dc=example,dc=com', 'TestUsers')
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(test_users.user_set.all().count(), 2)
    assert_equal(User.objects.get(username='******').groups.all().count(), 0)

    # Import missing user
    ldap_access.CACHED_LDAP_CONN.add_user_group_for_test('uid=moe,ou=People,dc=example,dc=com', 'TestUsers')
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=True, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_equal(test_users.user_set.all().count(), 3)
    assert_equal(User.objects.get(username='******').groups.all().count(), 1)

    # Import all members of TestUsers and members of subgroups
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'TestUsers', import_members=True, import_members_recursive=True, sync_users=True, import_by_dn=False)
    test_users = Group.objects.get(name='TestUsers')
    assert_true(LdapGroup.objects.filter(group=test_users).exists())
    assert_equal(test_users.user_set.all().count(), 4)

    # Make sure Hue groups with naming collisions don't get marked as LDAP groups
    hue_user = User.objects.create(username='******', first_name='Different', last_name='Guy')
    hue_group = Group.objects.create(name='OtherGroup')
    hue_group.user_set.add(hue_user)
    hue_group.save()
    import_ldap_groups(ldap_access.CACHED_LDAP_CONN, 'OtherGroup', import_members=False, import_members_recursive=False, sync_users=True, import_by_dn=False)
    assert_false(LdapGroup.objects.filter(group=hue_group).exists())
    assert_true(hue_group.user_set.filter(username=hue_user.username).exists())
  finally:
    for finish in reset:
      finish()

コード例 #41

ファイル: test_ldap_deprecated.py プロジェクト: sanjeevtripurari/hue

def test_add_ldap_users():
    done = []
    try:
        URL = reverse(add_ldap_users)

        reset_all_users()
        reset_all_groups()

        # Set up LDAP tests to use a LdapTestConnection instead of an actual LDAP connection
        ldap_access.CACHED_LDAP_CONN = LdapTestConnection()

        c = make_logged_in_client('test', is_superuser=True)

        assert_true(c.get(URL))

        response = c.post(
            URL,
            dict(username_pattern='moe', password1='test', password2='test'))
        assert_true('Location' in response, response)
        assert_true('/useradmin/users' in response['Location'], response)

        response = c.post(
            URL,
            dict(username_pattern='bad_name',
                 password1='test',
                 password2='test'))
        assert_true(
            'Could not'
            in response.context['form'].errors['username_pattern'][0],
            response)

        # Test wild card
        response = c.post(
            URL,
            dict(username_pattern='*rr*', password1='test', password2='test'))
        assert_true('/useradmin/users' in response['Location'], response)

        # Test regular with spaces (should fail)
        response = c.post(
            URL,
            dict(username_pattern='user with space',
                 password1='test',
                 password2='test'))
        assert_true(
            "Username must not contain whitespaces and ':'"
            in response.context['form'].errors['username_pattern'][0],
            response)

        # Test dn with spaces in username and dn (should fail)
        response = c.post(
            URL,
            dict(username_pattern=
                 'uid=user with space,ou=People,dc=example,dc=com',
                 password1='test',
                 password2='test',
                 dn=True))
        assert_true(
            "Could not get LDAP details for users in pattern"
            in response.content, response)
        response = c.get(reverse(desktop.views.log_view))
        assert_true(
            "{username}: Username must not contain whitespaces".format(
                username='******') in response.content,
            response.content)

        # Test dn with spaces in dn, but not username (should succeed)
        response = c.post(
            URL,
            dict(username_pattern=
                 'uid=user without space,ou=People,dc=example,dc=com',
                 password1='test',
                 password2='test',
                 dn=True))
        assert_true(User.objects.filter(username='******').exists())

    finally:
        for finish in done:
            finish()