def test_10_check_conditions_token_has_owner(self):
uhandler = UserNotificationEventHandler()
# check if tokenrealm is contained
builder = EnvironBuilder(method='POST',
data={'user': "******"},
headers={})
tok = init_token({
"serial": "oath1234",
"type": "spass"
},
user=User("cornelius", "realm1"))
env = builder.get_environ()
req = Request(env)
req.all_data = {"user": "******", "serial": "oath1234"}
req.User = User("cornelius", "realm1")
resp = Response()
resp.data = """{"result": {"value": true}}"""
r = uhandler.check_condition({
"g": {},
"handler_def": {
"conditions": {
CONDITION.TOKEN_HAS_OWNER: "True"
}
},
"request": req,
"response": resp
})
# Token has an owner
self.assertEqual(r, True)
r = uhandler.check_condition({
"g": {},
"handler_def": {
"conditions": {
CONDITION.TOKEN_HAS_OWNER: "False"
}
},
"request": req,
"response": resp
})
# Token has an owner, but the condition is wrong
self.assertEqual(r, False)
# unassign token, no owner
unassign_token("oath1234")
r = uhandler.check_condition({
"g": {},
"handler_def": {
"conditions": {
CONDITION.TOKEN_HAS_OWNER: "False"
}
},
"request": req,
"response": resp
})
# The condition was, token-not-assigned and the token has no user
self.assertEqual(r, True)
def test_10_check_conditions_tokentype(self):
uhandler = UserNotificationEventHandler()
# check if tokenrealm is contained
builder = EnvironBuilder(method='POST',
data={'user': "******"},
headers={})
tok = init_token({"serial": "oath1234", "type": "spass"},
user=User("cornelius", "realm1"))
env = builder.get_environ()
req = Request(env)
req.all_data = {"user": "******",
"serial": "oath1234"}
req.User = User("cornelius", "realm1")
resp = Response()
resp.data = """{"result": {"value": true}}"""
r = uhandler.check_condition(
{"g": {},
"handler_def": {"conditions": {"tokentype": "totp,spass,oath,"}},
"request": req,
"response": resp
}
)
# Serial matches the regexp
self.assertEqual(r, True)
def test_08_check_conditions_serial(self):
uhandler = UserNotificationEventHandler()
# check a serial with regexp
builder = EnvironBuilder(method='POST',
data={'user': "******"},
headers={})
env = builder.get_environ()
req = Request(env)
req.all_data = {"user": "******", "serial": "OATH123456"}
req.User = User("cornelius", "realm1")
resp = Response()
resp.data = """{"result": {"value": true}}"""
r = uhandler.check_condition({
"g": {},
"handler_def": {
"conditions": {
"serial": "^OATH.*"
}
},
"request": req,
"response": resp
})
# Serial matches the regexp
self.assertEqual(r, True)
def test_06_check_conditions_realm(self):
uhandler = UserNotificationEventHandler()
# check a locked token with maxfail = failcount
builder = EnvironBuilder(method='POST',
data={'user': "******"},
headers={})
env = builder.get_environ()
req = Request(env)
req.all_data = {"user": "******"}
req.User = User("cornelius", "realm1")
resp = Response()
resp.data = """{"result": {"value": false}}"""
r = uhandler.check_condition({
"g": {},
"handler_def": {
"conditions": {
"realm": "realm2"
}
},
"request": req,
"response": resp
})
# wrong realm
self.assertEqual(r, False)
def test_07_locked_token_wrong_pin(self):
tok = init_token({
"serial": "lock2",
"type": "spass",
"pin": "pin"
},
user=User("cornelius", "realm1"))
# lock it
tok.set_failcount(10)
uhandler = UserNotificationEventHandler()
resp = Response()
resp.data = """{"result": {"value": false}}"""
builder = EnvironBuilder(method='POST')
env = builder.get_environ()
req = Request(env)
req.all_data = {"user": "******", "pass": "******"}
req.User = User("cornelius", self.realm1)
# check the do action.
g = FakeFlaskG()
audit_object = FakeAudit()
audit_object.audit_data["serial"] = None
g.audit_object = audit_object
options = {
"g": g,
"handler_def": {
"conditions": {
"token_locked": "True"
}
},
"response": resp,
"request": req
}
r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False)
self.assertTrue(r > 0)
smtpmock.setdata(response={"*****@*****.**": (200, "OK")},
support_tls=False)
r = uhandler.check_condition(options)
self.assertEqual(r, True)
r = uhandler.do("sendmail", options=options)
self.assertEqual(r, True)
def test_05_check_conditions(self):
uhandler = UserNotificationEventHandler()
resp = Response()
resp.data = """{"result": {"value": false}}"""
builder = EnvironBuilder(method='POST')
env = builder.get_environ()
req = Request(env)
req.all_data = {}
req.User = User()
r = uhandler.check_condition(
{"g": {},
"handler_def": {"conditions": {"logged_in_user": "******"}},
"response": resp,
"request": req})
self.assertEqual(r, False)
r = uhandler.check_condition(
{"g": {},
"handler_def": {"conditions": {"result_value": True}},
"response": resp,
"request": req})
self.assertEqual(r, False)
# check a locked token with maxfail = failcount
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
req.all_data = {"user": "******"}
resp.data = """{"result": {"value": false},
"detail": {"serial": "lockedtoken"}
}
"""
tok = init_token({"serial": "lockedtoken", "type": "spass"})
r = uhandler.check_condition(
{"g": {},
"handler_def": {"conditions": {"token_locked": "True"}},
"response": resp,
"request": req
}
)
# not yet locked
self.assertEqual(r, False)
# lock it
tok.set_failcount(10)
options = {"g": {},
"handler_def": {"conditions": {"token_locked": "True"}},
"response": resp,
"request": req
}
r = uhandler.check_condition(options)
# now locked
self.assertEqual(r, True)
# check the do action.
g = FakeFlaskG()
audit_object = FakeAudit()
audit_object.audit_data["serial"] = "123456"
g.audit_object = audit_object
options = {"g": g,
"handler_def": {"conditions": {"token_locked": "True"}},
"response": resp,
"request": req
}
r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False)
self.assertTrue(r > 0)
smtpmock.setdata(response={"*****@*****.**": (200, "OK")},
support_tls=False)
r = uhandler.do("sendmail", options=options)
self.assertEqual(r, True)