Exemplo n.º 1
0
    def authenticateCredentials(self, credentials):
        login = credentials.get('login')
        password = credentials.get('password')

        if login is None or password is None:
            return None

        # Adapt to IUserAuthentication to provide the actual authentication.
        # If no such adapter (or null-adapter) exists, fail.
        authentication = IUserAuthentication(self.context, None)
        if authentication is None:
            return None

        if authentication.verifyCredentials(credentials):
            info = IMembraneUserObject(self.context, self)
            userid = info.getUserId()
            return userid, login
 def testIMembraneUserManagement(self):
     """Test the functionality of the IMembraneUserManagement interface."""
     from Products.membrane.interfaces import IMembraneUserManagement
     from Products.membrane.at.interfaces import IUserAuthentication
     
     user = IMembraneUserManagement(self.person);
     auth = IUserAuthentication(self.person);
      
     #test setting password directly, verify that verifyCredentials works as expected
     fsd_tool = getToolByName(self.portal, TOOLNAME)
     self.person.setPassword('secret1')
     if fsd_tool.getUseInternalPassword():
         self.failUnless(auth.verifyCredentials({'login':'******','password':'******'}), "failed to verify correct login and password, setting password directly")
     else:
         self.failIf(auth.verifyCredentials({'login':'******','password':'******'}), "internal password not used, method should return none, setting password directly.  Value returned: %s" % returnval)
     
     # now set password using the userChanger method and verify that it worked
     user.doChangeUser('abc123', 'secret2')
     fsd_tool = getToolByName(self.portal, TOOLNAME)
     if fsd_tool.getUseInternalPassword():
         self.failUnless(auth.verifyCredentials({'login':'******','password':'******'}), "failed to verify correct login and password, testing doChangeUser()")
     else:
         self.failIf(auth.verifyCredentials({'login':'******','password':'******'}), "internal password not used, method should return none, testing doChangeUser().  Value returned: %s" % returnval)
     
     # set password and some other value with doChangeUser, using keywords
     self.failIf(self.person.getEmail(), "email already set, and it shouldn't be: %s" % self.person.getEmail())
     user.doChangeUser('abc123','secret', email='*****@*****.**')
     self.failUnlessEqual(self.person.getEmail(), '*****@*****.**', msg="failed to update email via doChangeUser(): %s" % self.person.getEmail())
     
     # now try to delete the user
     self.failUnless(hasattr(self.directory,'abc123'), "directory does not have person")
     user.doDeleteUser('abc123')
     self.failIf(hasattr(self.directory,'abc123'), "directory still contains person")
     
     # we should not be able to log in as this person anymore
     self.logout()
     try:
         self.login('abc123')
     except AttributeError:
         pass
     else:
         self.fail("still able to login: %s" % self.portal.portal_membership.getAuthenticatedMember().id)
 def testIUserAuthentication(self):
     """Test the functionality of the IUserAuthentication interface."""
     # adapt the person object
     u = IUserAuthentication(self.person)
     uname = u.getUserName()
     self.failUnlessEqual(uname, 'abc123', "incorrect value for getUserName.")
     
     fsd_tool = getToolByName(self.portal, TOOLNAME)
     if fsd_tool.getUseInternalPassword():
         self.person.setPassword("chewy1")
         self.failIf(u.verifyCredentials(    {                                    }), "somehow verified empty credentials")
         self.failIf(u.verifyCredentials(    {'login':'******','password':''      }), "verified missing password")
         self.failIf(u.verifyCredentials(    {'login':'',      'password':'******'}), "verified missing login")
         self.failIf(u.verifyCredentials(    {'login':'******','password':'******'}), "verified incorrect login")
         self.failIf(u.verifyCredentials(    {'login':'******','password':'******'}), "verified incorrect password")
         self.failIf(u.verifyCredentials(    {'login':'******','password':'******'}), "verified incorrect login and password")
         self.failUnless(u.verifyCredentials({'login':'******','password':'******'}), "failed to verify correct login and password")
     else:
         self.failIf(u.verifyCredentials({'login':'******','password':'******'}), "internal password not used, method should return none.  Value returned: %s" % returnval)
 def testUseInternalPasswordControlsAuth(self):
     from Products.membrane.at.interfaces import IUserAuthentication
     
     u = IUserAuthentication(self.person)
     self.person.setPassword("chewy1")
     if self.fsd_tool.getUseInternalPassword():
         self.failUnless(u.verifyCredentials({'login':'******','password':'******'}),"useInternalPassword appears to be broken, failed to verify correct login and password: %s" % self.fsd_tool.getUseInternalPassword())
         self.fsd_tool.setUseInternalPassword(False)
         self.failIf(u.verifyCredentials({'login':'******','password':'******'}), "useInternalPassword not toggled.  verification still allowed: %s" % self.fsd_tool.getUseInternalPassword())
     else:
         self.failIf(u.verifyCredentials({'login':'******','password':'******'}),"verification allowed, but shouldn't have been: %s" % self.fsd_tool.getUseInternalPassword())
         self.fsd_tool.setUseInternalPassword(True)
         self.failUnless(u.verifyCredentials({'login':'******','password':'******'}), "useInternalPassword not toggled.  verification still disallowed: %s" % self.fsd_tool.getUseInternalPassword())
 def testIUserAuthentication(self):
     """Test the functionality of the IUserAuthentication interface."""
     # adapt the person object
     u = IUserAuthentication(self.person)
     uname = u.getUserName()
     self.failUnlessEqual(uname, 'abc123', "incorrect value for getUserName.")
     
     fsd_tool = getToolByName(self.portal, TOOLNAME)
     if fsd_tool.getUseInternalPassword():
         self.person.setPassword("chewy1")
         self.failIf(u.verifyCredentials(    {                                    }), "somehow verified empty credentials")
         self.failIf(u.verifyCredentials(    {'login':'******','password':''      }), "verified missing password")
         self.failIf(u.verifyCredentials(    {'login':'',      'password':'******'}), "verified missing login")
         self.failIf(u.verifyCredentials(    {'login':'******','password':'******'}), "verified incorrect login")
         self.failIf(u.verifyCredentials(    {'login':'******','password':'******'}), "verified incorrect password")
         self.failIf(u.verifyCredentials(    {'login':'******','password':'******'}), "verified incorrect login and password")
         self.failUnless(u.verifyCredentials({'login':'******','password':'******'}), "failed to verify correct login and password")
     else:
         self.failIf(u.verifyCredentials({'login':'******','password':'******'}), "internal password not used, method should return none.  Value returned: %s" % returnval)
 def testIMembraneUserManagement(self):
     """Test the functionality of the IMembraneUserManagement interface."""
     from Products.membrane.interfaces import IMembraneUserManagement
     from Products.membrane.at.interfaces import IUserAuthentication
     
     user = IMembraneUserManagement(self.person);
     auth = IUserAuthentication(self.person);
      
     #test setting password directly, verify that verifyCredentials works as expected
     fsd_tool = getToolByName(self.portal, TOOLNAME)
     self.person.setPassword('secret1')
     if fsd_tool.getUseInternalPassword():
         self.failUnless(auth.verifyCredentials({'login':'******','password':'******'}), "failed to verify correct login and password, setting password directly")
     else:
         self.failIf(auth.verifyCredentials({'login':'******','password':'******'}), "internal password not used, method should return none, setting password directly.  Value returned: %s" % returnval)
     
     # now set password using the userChanger method and verify that it worked
     user.doChangeUser('abc123', 'secret2')
     fsd_tool = getToolByName(self.portal, TOOLNAME)
     if fsd_tool.getUseInternalPassword():
         self.failUnless(auth.verifyCredentials({'login':'******','password':'******'}), "failed to verify correct login and password, testing doChangeUser()")
     else:
         self.failIf(auth.verifyCredentials({'login':'******','password':'******'}), "internal password not used, method should return none, testing doChangeUser().  Value returned: %s" % returnval)
     
     # set password and some other value with doChangeUser, using keywords
     self.failIf(self.person.getEmail(), "email already set, and it shouldn't be: %s" % self.person.getEmail())
     user.doChangeUser('abc123','secret', email='*****@*****.**')
     self.failUnlessEqual(self.person.getEmail(), '*****@*****.**', msg="failed to update email via doChangeUser(): %s" % self.person.getEmail())
     
     # now try to delete the user
     self.failUnless(hasattr(self.directory,'abc123'), "directory does not have person")
     user.doDeleteUser('abc123')
     self.failIf(hasattr(self.directory,'abc123'), "directory still contains person")
     
     # we should not be able to log in as this person anymore
     self.logout()
     try:
         self.login('abc123')
     except AttributeError:
         pass
     else:
         self.fail("still able to login: %s" % self.portal.portal_membership.getAuthenticatedMember().id)