def setUp(self): _BaseTestCase.setUp(self) self.env = EnvironmentStub(enable=[ 'trac.*', 'acct_mgr.admin.*', 'acct_mgr.pwhash.HtDigestHashMethod' ]) self.env.path = tempfile.mkdtemp() self.env.config.set('account-manager', 'password_store', 'SessionStore') store = SessionStore(self.env) store.set_password('registered_user', 'password')
def setUp(self): _BaseTestCase.setUp(self) self.env = EnvironmentStub( enable=['trac.*', 'acct_mgr.admin.*', 'acct_mgr.pwhash.HtDigestHashMethod']) self.env.path = tempfile.mkdtemp() self.env.config.set('account-manager', 'password_store', 'SessionStore') store = SessionStore(self.env) store.set_password('registered_user', 'password')
def setUp(self): _BaseTestCase.setUp(self) self.mgr = AccountManager(self.env) self.store = SessionStore(self.env) self.store.set_password('user', 'passwd') args = dict(username='******', name='', email='') incookie = Cookie() incookie['trac_session'] = '123456' self.req = Mock(authname='', args=args, authenticated=True, base_path='/', callbacks=dict(), href=Mock(prefs=lambda x: None), incookie=incookie, outcookie=Cookie(), redirect=lambda x: None) self.req.path_info = '/'
def setUp(self): _BaseTestCase.setUp(self) self.env = EnvironmentStub(enable=[ 'trac.*', 'acct_mgr.api.*', 'acct_mgr.db.*', 'acct_mgr.register.*', 'acct_mgr.pwhash.HtDigestHashMethod' ]) self.env.path = tempfile.mkdtemp() self.reg_template = 'register.html' self.req.method = 'POST' self.env.config.set('account-manager', 'password_store', 'SessionStore') self.acctmgr = AccountManager(self.env) self.check = BasicCheck(self.env) self.rmod = RegistrationModule(self.env) self.store = SessionStore(self.env)
def setUp(self): _BaseTestCase.setUp(self) self.cfg_panel_template = 'admin_accountsconfig.html' self.env.config.set('account-manager', 'password_store', 'SessionStore') self.admin = ConfigurationAdminPanel(self.env) self.bad_check = BadCheck(self.env) self.basic_check = BasicCheck(self.env) self.dummy_check = DummyCheck(self.env) self.store = SessionStore(self.env)
def setUp(self): _BaseTestCase.setUp(self) self.mgr = AccountManager(self.env) self.store = SessionStore(self.env) self.store.set_password('user', 'passwd') args = dict(username='******', name='', email='') incookie = Cookie() incookie['trac_session'] = '123456' self.req = Mock(authname='', args=args, authenticated=True, base_path='/', callbacks=dict(), chrome={'warnings': [], 'notices': []}, href=Mock(prefs=lambda x: None), incookie=incookie, outcookie=Cookie(), redirect=lambda x: None) self.req.path_info = '/'
class RegistrationModuleTestCase(_BaseTestCase): def setUp(self): _BaseTestCase.setUp(self) self.env = EnvironmentStub(enable=[ 'trac.*', 'acct_mgr.api.*', 'acct_mgr.db.*', 'acct_mgr.register.*', 'acct_mgr.pwhash.HtDigestHashMethod' ]) self.env.path = tempfile.mkdtemp() self.reg_template = 'register.html' self.req.method = 'POST' self.env.config.set('account-manager', 'password_store', 'SessionStore') self.acctmgr = AccountManager(self.env) self.check = BasicCheck(self.env) self.rmod = RegistrationModule(self.env) self.store = SessionStore(self.env) def test_checks(self): # Default configuration: All default checks enabled. response = self.rmod.process_request(self.req) self.assertEqual(response[0], self.reg_template) # Custom configuration: Do basic username checks only. self.req.args['username'] = '******' self.req.args['email'] = '*****@*****.**' self.env.config.set('account-manager', 'register_check', 'BasicCheck') response = self.rmod.process_request(self.req) self.assertEqual(response[0], self.reg_template) # Custom configuration: No check at all, if you insist. self.env.config.set('account-manager', 'register_check', '') self.assertFalse(self.acctmgr._register_check) response = self.rmod.process_request(self.req) self.assertEqual(response[0], self.reg_template) def test_mandatory_email_registration(self): user = '******' passwd = 'test' # A more complete mock of a request object is required for this test. req = Mock(authname='anonymous', method='POST', args={ 'action': 'create', 'username': user, 'name': 'Tester', 'password': passwd, 'password_confirm': passwd }, chrome=dict(notices=[], warnings=[]), href=self.env.abs_href, perm=MockPerm(), redirect=lambda x: None ) # Fail to register the user. self.rmod.process_request(req) self.assertTrue('email address' in str(req.chrome['warnings'])) self.assertEqual(list(self.store.get_users()), []) def test_optional_email_registration(self): user = '******' passwd = 'test' def redirect_noop(href): """Log relevant information for checking registration result.""" #print req.chrome['notices'] return # A more complete mock of a request object is required for this test. req = Mock(authname='anonymous', method='POST', args={ 'action': 'create', 'username': user, 'name': 'Tester', 'password': passwd, 'password_confirm': passwd }, chrome=dict(notices=[], warnings=[]), href=self.env.abs_href, perm=MockPerm(), redirect=redirect_noop ) self.env.config.set('account-manager', 'verify_email', False) # Successfully register the user. # Note: This would have raised an AttributeError without graceful # request checking for 'email'. self.rmod.process_request(req) # DEVEL: Check registration success more directly. self.assertEqual(req.chrome['warnings'], []) self.assertEqual([user], list(self.store.get_users())) self.assertTrue(self.store.check_password(user, passwd))
def setUp(self): self.env = EnvironmentStub(enable=['trac.*', 'acct_mgr.*']) self.env.config.set('account-manager', 'password_store', 'SessionStore') self.store = SessionStore(self.env)
class _BaseTestCase(unittest.TestCase): def setUp(self): #self.basedir = os.path.realpath(tempfile.mkdtemp()) self.env = EnvironmentStub() self.env.config.set('account-manager', 'password_store', 'SessionStore') self.store = SessionStore(self.env) #self.env.path = os.path.join(self.basedir, 'trac-tempenv') #os.mkdir(self.env.path) def test_get_users(self): db = self.env.get_db_cnx() cursor = db.cursor() cursor.executemany( "INSERT INTO session_attribute " "(sid,authenticated,name,value) " "VALUES (%s,1,'password',%s)", [('a', 'a'), ('b', 'b'), ('c', 'c')]) self.assertEqual(['a', 'b', 'c'], list(self.store.get_users())) def test_has_user(self): db = self.env.get_db_cnx() cursor = db.cursor() cursor.execute( "INSERT INTO session_attribute " "(sid,authenticated,name,value) " "VALUES (%s,1,'password',%s)", ('bar', 'bar')) self.assertFalse(self.store.has_user('foo')) self.assertTrue(self.store.has_user('bar')) def test_create_user(self): self.assertFalse(self.store.has_user('foo')) self.store.set_password('foo', 'password') self.assertTrue(self.store.has_user('foo')) def test_update_password(self): self.store.set_password('foo', 'pass1') self.assertFalse(self.store.check_password('foo', 'pass2')) self.store.set_password('foo', 'pass2') self.assertTrue(self.store.check_password('foo', 'pass2')) def test_delete_user(self): self.store.set_password('foo', 'password') self.assertTrue(self.store.has_user('foo')) self.assertTrue(self.store.delete_user('foo')) self.assertFalse(self.store.has_user('foo')) def test_delete_nonexistant_user(self): self.assertFalse(self.store.has_user('foo')) self.assertFalse(self.store.delete_user('foo')) def test_unicode_username_and_password(self): username = u'\u4e60' password = u'\u4e61' self.store.set_password(username, password) self.assertTrue(self.store.check_password(username, password))
class RegistrationModuleTestCase(_BaseTestCase): def setUp(self): _BaseTestCase.setUp(self) self.env = EnvironmentStub(enable=[ 'trac.*', 'acct_mgr.api.*', 'acct_mgr.db.*', 'acct_mgr.register.*', 'acct_mgr.pwhash.HtDigestHashMethod' ]) self.env.path = tempfile.mkdtemp() self.reg_template = 'register.html' self.req.method = 'POST' self.env.config.set('account-manager', 'password_store', 'SessionStore') self.acctmgr = AccountManager(self.env) self.check = BasicCheck(self.env) self.rmod = RegistrationModule(self.env) self.store = SessionStore(self.env) def test_checks(self): # Default configuration: All default checks enabled. response = self.rmod.process_request(self.req) self.assertEqual(response[0], self.reg_template) # Custom configuration: Do basic username checks only. self.req.args['username'] = '******' self.req.args['email'] = '*****@*****.**' self.env.config.set('account-manager', 'register_check', 'BasicCheck') response = self.rmod.process_request(self.req) self.assertEqual(response[0], self.reg_template) # Custom configuration: No check at all, if you insist. self.env.config.set('account-manager', 'register_check', '') self.assertFalse(self.acctmgr.register_checks) response = self.rmod.process_request(self.req) self.assertEqual(response[0], self.reg_template) def test_mandatory_email_registration(self): user = '******' passwd = 'test' # A more complete mock of a request object is required for this test. req = Mock(authname='anonymous', method='POST', args={ 'action': 'create', 'username': user, 'name': 'Tester', 'password': passwd, 'password_confirm': passwd }, chrome=dict(notices=[], warnings=[]), href=self.env.abs_href, path_info='/register', perm=MockPerm(), redirect=lambda x: None) # Fail to register the user. self.rmod.process_request(req) self.assertTrue('email address' in str(req.chrome['warnings'])) self.assertEqual(list(self.store.get_users()), []) def test_optional_email_registration(self): user = '******' passwd = 'test' def redirect_noop(href): """Log relevant information for checking registration result.""" # print req.chrome['notices'] return # A more complete mock of a request object is required for this test. req = Mock(authname='anonymous', method='POST', args={ 'action': 'create', 'username': user, 'name': 'Tester', 'password': passwd, 'password_confirm': passwd }, chrome=dict(notices=[], warnings=[]), href=self.env.abs_href, path_info='/register', perm=MockPerm(), redirect=redirect_noop) self.env.config.set('account-manager', 'verify_email', False) # Successfully register the user. # Note: This would have raised an AttributeError without graceful # request checking for 'email'. self.rmod.process_request(req) # DEVEL: Check registration success more directly. self.assertEqual(req.chrome['warnings'], []) self.assertEqual([user], list(self.store.get_users())) self.assertTrue(self.store.check_password(user, passwd))
class AccountManagerTestCase(_BaseTestCase): def setUp(self): _BaseTestCase.setUp(self) self.mgr = AccountManager(self.env) self.store = SessionStore(self.env) self.store.set_password('user', 'passwd') args = dict(username='******', name='', email='') incookie = Cookie() incookie['trac_session'] = '123456' self.req = Mock(authname='', args=args, authenticated=True, base_path='/', callbacks=dict(), href=Mock(prefs=lambda x: None), incookie=incookie, outcookie=Cookie(), redirect=lambda x: None) self.req.path_info = '/' # Tests def test_set_password(self): # Can't work without at least one password store. self.assertRaises(TracError, self.mgr.set_password, 'user', 'passwd') self.env.config.set( 'account-manager', 'password_store', 'SessionStore') self.mgr.set_password('user', 'passwd') # Refuse to overwrite existing credetialy, if requested. self.assertRaises(TracError, self.mgr.set_password, 'user', 'passwd', overwrite=False) def test_approval_admin_keep_perm(self): self.perm.grant_permission('admin', 'ACCTMGR_ADMIN') # Some elevated permission action. action = 'USER_VIEW' self.assertFalse(action in PermissionCache(self.env)) req = self.req req.perm = PermissionCache(self.env, 'admin') req.session = Session(self.env, req) req.session.save() self.mgr.pre_process_request(req, None) self.assertTrue(action in req.perm) # Mock an authenticated request with account approval pending. req.session['approval'] = 'pending' req.session.save() # Don't touch admin user requests. self.mgr.pre_process_request(req, None) self.assertTrue(action in req.perm) def test_approval_user_strip_perm(self): # Some elevated permission action. action = 'USER_VIEW' self.assertFalse(action in PermissionCache(self.env)) self.perm.grant_permission('user', action) req = self.req req.perm = PermissionCache(self.env, 'user') req.session = Session(self.env, req) req.session.save() self.mgr.pre_process_request(req, None) self.assertTrue(action in req.perm) # Mock an authenticated request with account approval pending. req.session['approval'] = 'pending' req.session.save() # Remove elevated permission, if account approval is pending. self.mgr.pre_process_request(req, None) self.assertFalse(action in req.perm) def test_maybe_update_hash(self): # Configure another, primary password store. self.env.config.set('account-manager', 'password_store', 'HtDigestStore, SessionStore') self.env.config.set('account-manager', 'htdigest_file', '.htdigest') cursor = self.db.cursor() cursor.execute(""" INSERT INTO session_attribute (sid,authenticated,name,value) VALUES (%s,%s,%s,%s) """, ('user', 1, 'password_refreshed', '1')) # Refresh not happening due to 'password_refreshed' attribute. self.mgr._maybe_update_hash('user', 'passwd') cursor.execute(""" SELECT value FROM session_attribute WHERE sid='user' AND authenticated=1 AND name='password' """) self.assertNotEqual(cursor.fetchall(), []) cursor.execute(""" DELETE FROM session_attribute WHERE sid='user' AND authenticated=1 AND name='password_refreshed' """) # Refresh (and effectively migrate) user credentials. self.mgr._maybe_update_hash('user', 'passwd') cursor.execute(""" SELECT value FROM session_attribute WHERE sid='user' AND authenticated=1 AND name='password' """) self.assertEqual(cursor.fetchall(), []) cursor.execute(""" SELECT value FROM session_attribute WHERE sid='user' AND authenticated=1 AND name='password_refreshed' """) self.assertEqual(cursor.fetchall(), [('1',)])
class AccountManagerTestCase(_BaseTestCase): def setUp(self): _BaseTestCase.setUp(self) self.mgr = AccountManager(self.env) self.store = SessionStore(self.env) self.store.set_password('user', 'passwd') args = dict(username='******', name='', email='') incookie = Cookie() incookie['trac_session'] = '123456' self.req = Mock(authname='', args=args, authenticated=True, base_path='/', callbacks=dict(), chrome={'warnings': [], 'notices': []}, href=Mock(prefs=lambda x: None), incookie=incookie, outcookie=Cookie(), redirect=lambda x: None) self.req.path_info = '/' # Tests def test_set_password(self): # Can't work without at least one password store. self.assertRaises(TracError, self.mgr.set_password, 'user', 'passwd') self.env.config.set( 'account-manager', 'password_store', 'SessionStore') self.mgr.set_password('user', 'passwd') # Refuse to overwrite existing credentials, if requested. self.assertRaises(TracError, self.mgr.set_password, 'user', 'passwd', overwrite=False) def test_approval_admin_keep_perm(self): self.perm.grant_permission('admin', 'ACCTMGR_ADMIN') # Some elevated permission action. action = 'USER_VIEW' self.assertFalse(action in PermissionCache(self.env)) req = self.req req.perm = PermissionCache(self.env, 'admin') req.session = Session(self.env, req) req.session.save() self.mgr.pre_process_request(req, None) self.assertTrue(action in req.perm) # Mock an authenticated request with account approval pending. req.session['approval'] = 'pending' req.session.save() # Don't touch admin user requests. self.mgr.pre_process_request(req, None) self.assertTrue(action in req.perm) def test_approval_user_strip_perm(self): # Some elevated permission action. action = 'USER_VIEW' self.assertFalse(action in PermissionCache(self.env)) self.perm.grant_permission('user', action) req = self.req req.perm = PermissionCache(self.env, 'user') req.session = Session(self.env, req) req.session.save() self.mgr.pre_process_request(req, None) self.assertTrue(action in req.perm) # Mock an authenticated request with account approval pending. req.session['approval'] = 'pending' req.session.save() # Remove elevated permission, if account approval is pending. self.mgr.pre_process_request(req, None) self.assertFalse(action in req.perm) def test_maybe_update_hash(self): # Configure another, primary password store. self.env.config.set('account-manager', 'password_store', 'HtDigestStore, SessionStore') self.env.config.set('account-manager', 'htdigest_file', '.htdigest') self.env.db_transaction(""" INSERT INTO session_attribute (sid,authenticated,name,value) VALUES (%s,%s,%s,%s) """, ('user', 1, 'password_refreshed', '1')) # Refresh not happening due to 'password_refreshed' attribute. self.mgr._maybe_update_hash('user', 'passwd') for _, in self.env.db_query(""" SELECT value FROM session_attribute WHERE sid='user' AND authenticated=1 AND name='password' """): break else: self.fail("Session attribute 'password' not found.") self.env.db_transaction(""" DELETE FROM session_attribute WHERE sid='user' AND authenticated=1 AND name='password_refreshed' """) # Refresh (and effectively migrate) user credentials. self.mgr._maybe_update_hash('user', 'passwd') for _, in self.env.db_query(""" SELECT value FROM session_attribute WHERE sid='user' AND authenticated=1 AND name='password' """): self.fail("Session attribute 'password' should not be found.") for value, in self.env.db_query(""" SELECT value FROM session_attribute WHERE sid='user' AND authenticated=1 AND name='password_refreshed' """): self.assertEqual('1', value) break else: self.fail("Session attribute 'password_refreshed' not found.")
class _BaseTestCase(unittest.TestCase): def setUp(self): #self.basedir = os.path.realpath(tempfile.mkdtemp()) self.env = EnvironmentStub() self.env.config.set('account-manager', 'password_store', 'SessionStore') self.store = SessionStore(self.env) #self.env.path = os.path.join(self.basedir, 'trac-tempenv') #os.mkdir(self.env.path) def test_get_users(self): db = self.env.get_db_cnx() cursor = db.cursor() cursor.executemany("INSERT INTO session_attribute " "(sid,authenticated,name,value) " "VALUES (%s,1,'password',%s)", [('a', 'a'), ('b', 'b'), ('c', 'c')]) self.assertEqual(['a', 'b', 'c'], list(self.store.get_users())) def test_has_user(self): db = self.env.get_db_cnx() cursor = db.cursor() cursor.execute("INSERT INTO session_attribute " "(sid,authenticated,name,value) " "VALUES (%s,1,'password',%s)", ('bar', 'bar')) self.assertFalse(self.store.has_user('foo')) self.assertTrue(self.store.has_user('bar')) def test_create_user(self): self.assertFalse(self.store.has_user('foo')) self.store.set_password('foo', 'password') self.assertTrue(self.store.has_user('foo')) def test_update_password(self): self.store.set_password('foo', 'pass1') self.assertFalse(self.store.check_password('foo', 'pass2')) self.store.set_password('foo', 'pass2') self.assertTrue(self.store.check_password('foo', 'pass2')) def test_delete_user(self): self.store.set_password('foo', 'password') self.assertTrue(self.store.has_user('foo')) self.assertTrue(self.store.delete_user('foo')) self.assertFalse(self.store.has_user('foo')) def test_delete_nonexistant_user(self): self.assertFalse(self.store.has_user('foo')) self.assertFalse(self.store.delete_user('foo')) def test_unicode_username_and_password(self): username = u'\u4e60' password = u'\u4e61' self.store.set_password(username, password) self.assertTrue(self.store.check_password(username, password))
class _BaseTestCase(unittest.TestCase): def setUp(self): self.env = EnvironmentStub(enable=['trac.*', 'acct_mgr.*']) self.env.config.set('account-manager', 'password_store', 'SessionStore') self.store = SessionStore(self.env) def test_get_users(self): with self.env.db_transaction as db: db.executemany( """ INSERT INTO session_attribute (sid,authenticated,name,value) VALUES (%s,1,'password',%s) """, [('a', 'a'), ('b', 'b'), ('c', 'c')]) self.assertEqual(set(['a', 'b', 'c']), set(self.store.get_users())) def test_has_user(self): self.env.db_transaction( """ INSERT INTO session_attribute (sid,authenticated,name,value) VALUES (%s,'1','password',%s) """, ('bar', 'bar')) self.assertFalse(self.store.has_user('foo')) self.assertTrue(self.store.has_user('bar')) def test_create_user(self): self.assertFalse(self.store.has_user('foo')) self.store.set_password('foo', 'password') self.assertTrue(self.store.has_user('foo')) def test_overwrite(self): self.assertTrue(self.store.set_password('foo', 'pass1')) self.assertFalse( self.store.set_password('foo', 'pass2', overwrite=False)) self.assertTrue(self.store.check_password('foo', 'pass1')) self.assertTrue(self.store.set_password('bar', 'pass', overwrite=False)) def test_update_password(self): self.store.set_password('foo', 'pass1') self.assertFalse(self.store.check_password('foo', 'pass2')) self.store.set_password('foo', 'pass2') self.assertTrue(self.store.check_password('foo', 'pass2')) self.store.set_password('foo', 'pass3', 'pass2') self.assertTrue(self.store.check_password('foo', 'pass3')) def test_delete_user(self): self.store.set_password('foo', 'password') self.assertTrue(self.store.has_user('foo')) self.assertTrue(self.store.delete_user('foo')) self.assertFalse(self.store.has_user('foo')) def test_delete_nonexistant_user(self): self.assertFalse(self.store.has_user('foo')) self.assertFalse(self.store.delete_user('foo')) def test_unicode_username_and_password(self): username = u'\u4e60' password = u'\u4e61' self.store.set_password(username, password) self.assertTrue(self.store.check_password(username, password))
def setUp(self): #self.basedir = os.path.realpath(tempfile.mkdtemp()) self.env = EnvironmentStub() self.env.config.set('account-manager', 'password_store', 'SessionStore') self.store = SessionStore(self.env)
class _BaseTestCase(unittest.TestCase): def setUp(self): self.env = EnvironmentStub(enable=['trac.*', 'acct_mgr.*']) self.env.config.set('account-manager', 'password_store', 'SessionStore') self.store = SessionStore(self.env) def test_get_users(self): with self.env.db_transaction as db: db.executemany(""" INSERT INTO session_attribute (sid,authenticated,name,value) VALUES (%s,1,'password',%s) """, [('a', 'a'), ('b', 'b'), ('c', 'c')]) self.assertEqual(set(['a', 'b', 'c']), set(self.store.get_users())) def test_has_user(self): self.env.db_transaction(""" INSERT INTO session_attribute (sid,authenticated,name,value) VALUES (%s,'1','password',%s) """, ('bar', 'bar')) self.assertFalse(self.store.has_user('foo')) self.assertTrue(self.store.has_user('bar')) def test_create_user(self): self.assertFalse(self.store.has_user('foo')) self.store.set_password('foo', 'password') self.assertTrue(self.store.has_user('foo')) def test_overwrite(self): self.assertTrue(self.store.set_password('foo', 'pass1')) self.assertFalse(self.store.set_password('foo', 'pass2', overwrite=False)) self.assertTrue(self.store.check_password('foo', 'pass1')) self.assertTrue(self.store.set_password('bar', 'pass', overwrite=False)) def test_update_password(self): self.store.set_password('foo', 'pass1') self.assertFalse(self.store.check_password('foo', 'pass2')) self.store.set_password('foo', 'pass2') self.assertTrue(self.store.check_password('foo', 'pass2')) self.store.set_password('foo', 'pass3', 'pass2') self.assertTrue(self.store.check_password('foo', 'pass3')) def test_delete_user(self): self.store.set_password('foo', 'password') self.assertTrue(self.store.has_user('foo')) self.assertTrue(self.store.delete_user('foo')) self.assertFalse(self.store.has_user('foo')) def test_delete_nonexistant_user(self): self.assertFalse(self.store.has_user('foo')) self.assertFalse(self.store.delete_user('foo')) def test_unicode_username_and_password(self): username = u'\u4e60' password = u'\u4e61' self.store.set_password(username, password) self.assertTrue(self.store.check_password(username, password))