def test_logout_works(self, browser): hugo = create(Builder('user').named('Hugo', 'Boss')) browser.login(hugo.getId()).open() self.assertEquals('Boss Hugo', plone.logged_in()) browser.logout().open() self.assertFalse(plone.logged_in())
def test_submit_form(self, browser): browser.open(view='login_form') self.assertFalse(plone.logged_in()) browser.fill({'Login Name': TEST_USER_NAME, 'Password': TEST_USER_PASSWORD}).submit() self.assertEquals(TEST_USER_ID, plone.logged_in())
def test_login_browser(self, browser): with browser.expect_unauthorized(): browser.open() self.assertFalse(plone.logged_in()) self.login(self.regular_user, browser) browser.open() self.assertEquals(self.regular_user.getProperty('fullname'), plone.logged_in().encode('utf-8'))
def test_relogin_works(self, browser): hugo = create(Builder('user').named('Hugo', 'Boss')) browser.login(hugo.getId()).open() self.assertEquals('Boss Hugo', plone.logged_in()) john = create(Builder('user').named('John', 'Doe')) browser.login(john.getId()).open() self.assertEquals('Doe John', plone.logged_in())
def test_login_and_logout(self, browser): browser.open() self.assertFalse(plone.logged_in()) browser.login().open() self.assertEquals(TEST_USER_ID, plone.logged_in()) browser.logout().open() self.assertFalse(plone.logged_in())
def test_post_request(self, browser): browser.open('http://nohost/plone/login_form') self.assertFalse(plone.logged_in()) browser.open('http://nohost/plone/login_form', {'__ac_name': TEST_USER_NAME, '__ac_password': TEST_USER_PASSWORD, 'form.submitted': 1}) self.assertTrue(plone.logged_in())
def test_cloning_a_browser_copies_headers_MECHBROWSER(self, browser): browser.login().open() self.assertEquals(TEST_USER_ID, plone.logged_in()) with browser.clone() as subbrowser: subbrowser.open() self.assertEquals(TEST_USER_ID, plone.logged_in(subbrowser)) subbrowser.login(SITE_OWNER_NAME).reload() self.assertEquals(SITE_OWNER_NAME, plone.logged_in(subbrowser))
def test_clear_request_header_with_header_selection(self, browser): browser.append_request_header('Authorization', 'Basic {0}'.format( ':'.join((TEST_USER_NAME, TEST_USER_PASSWORD)).encode('base64'))) browser.open() self.assertEquals(TEST_USER_ID, plone.logged_in()) browser.clear_request_header('Authorization') browser.open() self.assertFalse(plone.logged_in())
def test_login_and_logout(self, browser): browser.request_library = LIB_REQUESTS browser.open() self.assertFalse(plone.logged_in()) browser.login().open() self.assertEquals(TEST_USER_ID, plone.logged_in()) browser.logout().open() self.assertFalse(plone.logged_in())
def test_browser_stays_logged_in(self, browser): browser.open() self.assertFalse(plone.logged_in()) browser.visit(view="login_form") browser.fill({"Login Name": TEST_USER_NAME, "Password": TEST_USER_PASSWORD}).submit() self.assertEquals(TEST_USER_ID, plone.logged_in()) browser.visit(view="/") self.assertEquals(TEST_USER_ID, plone.logged_in())
def test_append_request_header(self, browser): browser.request_library = LIB_REQUESTS browser.open() self.assertFalse(plone.logged_in()) browser.append_request_header('Authorization', 'Basic {0}'.format( ':'.join((TEST_USER_NAME, TEST_USER_PASSWORD)).encode('base64'))) browser.open() self.assertEquals(TEST_USER_ID, plone.logged_in()) browser.open() # reload self.assertEquals(TEST_USER_ID, plone.logged_in())
def test_replace_request_header(self, browser): hugo = create(Builder('user').named('Hugo', 'Boss')) john = create(Builder('user').named('John', 'Doe')) browser.append_request_header('Authorization', 'Basic {0}'.format( ':'.join((hugo.getId(), TEST_USER_PASSWORD)).encode('base64'))) browser.open() self.assertEquals('Boss Hugo', plone.logged_in()) browser.replace_request_header('Authorization', 'Basic {0}'.format( ':'.join((john.getId(), TEST_USER_PASSWORD)).encode('base64'))) browser.open() self.assertEquals('Doe John', plone.logged_in())
def test_cloning_a_browser_copies_headers_REQUESTS(self, browser): browser.request_library = LIB_REQUESTS browser.login().open() self.assertEquals(TEST_USER_ID, plone.logged_in()) with browser.clone() as subbrowser: subbrowser.open() self.assertEquals(TEST_USER_ID, plone.logged_in(subbrowser)) subbrowser.login(SITE_OWNER_NAME).reload() self.assertEquals(SITE_OWNER_NAME, plone.logged_in(subbrowser)) browser.reload() self.assertEquals(TEST_USER_ID, plone.logged_in())
def test_cloning_copies_cookies(self, browser): browser.open(view='login_form').fill( {'Login Name': TEST_USER_NAME, 'Password': TEST_USER_PASSWORD}).submit() self.assertTrue(plone.logged_in()) with browser.clone() as subbrowser: subbrowser.open() self.assertTrue(plone.logged_in(subbrowser)) subbrowser.find('Log out').click() self.assertFalse(plone.logged_in(subbrowser)) browser.reload() self.assertTrue(plone.logged_in())
def test_login_with_user_object_works(self, browser): # Use the test user which has different ID and NAME, # but pass in the user object. acl_users = getToolByName(self.layer['portal'], 'acl_users') user = acl_users.getUserById(TEST_USER_ID) browser.login(user).open() self.assertEquals(TEST_USER_ID, plone.logged_in())
def test_login_with_member_object_works(self, browser): # Use the test user which has different ID and NAME, # but pass in the member object. mtool = getToolByName(self.layer['portal'], 'portal_membership') member = mtool.getMemberById(TEST_USER_ID) browser.login(member).open() self.assertEquals(TEST_USER_ID, plone.logged_in())
def test_keeps_cookies_in_session(self, browser): browser.open(view='login_form') self.assertEquals(0, len(browser.cookies)) browser.fill({'Login Name': TEST_USER_NAME, 'Password': TEST_USER_PASSWORD}).submit() self.assertIn('__ac', browser.cookies) self.assertEquals(TEST_USER_ID, plone.logged_in()) browser.open() self.assertIn('__ac', browser.cookies) self.assertEquals(TEST_USER_ID, plone.logged_in()) browser.open() self.assertIn('__ac', browser.cookies) self.assertEquals(TEST_USER_ID, plone.logged_in())
def test_login_as_context_manager_in_browser(self, browser): with browser.expect_unauthorized(): browser.open() self.assertFalse(plone.logged_in()) with self.login(self.regular_user, browser): browser.open() self.assertEquals(self.regular_user.getProperty('fullname'), plone.logged_in().encode('utf-8')) with self.login(self.administrator, browser): browser.open() self.assertEquals(self.administrator.getProperty('fullname'), plone.logged_in().encode('utf-8')) browser.open() self.assertEquals(self.regular_user.getProperty('fullname'), plone.logged_in().encode('utf-8')) with browser.expect_unauthorized(): browser.open() self.assertFalse(plone.logged_in())
def test_end_to_end_happy_path(self, browser): # Step 1 - Issue service key and save it browser.login().open(view='@@manage-service-keys') browser.find('Issue new service key').click() browser.fill({'Title': 'My new key'}) # No IP range restriction, we test this separately browser.find('Issue key').click() self.assertEqual('Download Service Key', browser.css('h1').first.text) json_keyfile = browser.css('.json-keyfile').first keyfile_data = json.loads(json_keyfile.text) private_key = keyfile_data['private_key'] token_uri = keyfile_data['token_uri'] browser.logout().open('logout') self.assertFalse(plone.logged_in()) # Step 2 - Create a JWT grant and sign it with private key claim_set = { 'aud': token_uri, 'iss': keyfile_data['client_id'], 'sub': keyfile_data['user_id'], 'iat': int(time.time()), 'exp': int(time.time() + (60 * 59)), } grant_token = jwt.encode(claim_set, private_key, algorithm='RS256') # Step 3 - Exchange the JWT grant for an access token by making # a token request to the OAuth2 token endpoint payload = {'grant_type': GRANT_TYPE, 'assertion': grant_token} token_response = requests.post(token_uri, data=payload) token = token_response.json()['access_token'] # Step 4 - Use the access token to make authenticated requests headers = {'Authorization': 'Bearer %s' % token} response = requests.get(self.portal.absolute_url(), headers=headers) self.assertIn(TEST_USER_ID, response.content) # Test with plone.restapi as well headers = { 'Authorization': 'Bearer %s' % token, 'Accept': 'application/json' } response = requests.get(self.portal.absolute_url(), headers=headers) self.assertDictContainsSubset({'title': 'Plone site'}, response.json())
def test_logged_in(self, browser): browser.login().open('http://nohost/plone') self.assertEquals(TEST_USER_ID, plone.logged_in())
def test_not_logged_in(self, browser): browser.open(self.portal.portal_url()) self.assertFalse(plone.logged_in(browser=browser))
def test_logged_in(self, browser): browser.login().open(self.portal.portal_url()) self.assertEquals(TEST_USER_ID, plone.logged_in(browser=browser))
def test_login_works(self, browser): browser.login().webdav('GET') self.assertTrue(plone.logged_in())
def test_not_logged_in(self, browser): browser.open('http://nohost/plone') self.assertFalse(plone.logged_in())