class HtPasswdTestCase(_BaseTestCase):
def setUp(self):
_BaseTestCase.setUp(self)
self.env.config.set('account-manager', 'password_store',
'HtPasswdStore')
self.store = HtPasswdStore(self.env)
def test_md5(self):
self._do_password_test('test_md5',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0\n')
def test_crypt(self):
self._do_password_test('test_crypt', 'user:QdQ/xnl2v877c\n')
def test_sha(self):
self._do_password_test('test_sha',
'user:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=\n')
def test_no_trailing_newline(self):
self._do_password_test('test_no_trailing_newline',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
def test_add_with_no_trailing_newline(self):
filename = self._create_file('test_add_with_no_trailing_newline',
content='user:$apr1$'
'xW/09...$fb150dT95SoL1HwXtHS/I0')
self.env.config.set('account-manager', 'password_file', filename)
self.assertTrue(self.store.check_password('user', 'password'))
self.store.set_password('user2', 'password2')
self.assertTrue(self.store.check_password('user', 'password'))
self.assertTrue(self.store.check_password('user2', 'password2'))
def set_password(self, user, password):
import re
if len(user) < 3:
raise TracError("user name must be at least 3 characters long")
if not re.match(r"^\w+$", user):
raise TracError("user name must consist only of alpha-numeric characters")
if user not in self.get_users():
from trac.wiki.model import WikiPage
db = self.env.get_db_cnx()
page = WikiPage(self.env, user, db=db)
# User creation with existing page
if page.exists:
raise TracError('wiki page "%s" already exists' % user)
else:
from tractags.api import TagEngine
tagspace = TagEngine(self.env).tagspace.wiki
tagspace.add_tags(None, user, ["user"])
page.text = """= %(user)s =\n\n[[ListTagged(%(user)s)]]\n\n[[TagIt(user)]]""" % {"user": user}
page.save(user, "New user %s registered" % user, None)
self.env.log.debug("New user %s registered" % user)
HtPasswdStore.set_password(self, user, password)
def set_password(self, user, password):
import re
if len(user) < 3:
raise TracError('user name must be at least 3 characters long')
if not re.match(r'^\w+$', user):
raise TracError(
'user name must consist only of alpha-numeric characters')
if user not in self.get_users():
from trac.wiki.model import WikiPage
db = self.env.get_db_cnx()
page = WikiPage(self.env, user, db=db)
# User creation with existing page
if page.exists:
raise TracError('wiki page "%s" already exists' % user)
else:
from tractags.api import TagEngine
tagspace = TagEngine(self.env).tagspace.wiki
tagspace.add_tags(None, user, ['user'])
page.text = '''= %(user)s =\n\n[[ListTagged(%(user)s)]]\n\n[[TagIt(user)]]''' % {
'user': user
}
page.save(user, 'New user %s registered' % user, None)
self.env.log.debug("New user %s registered" % user)
HtPasswdStore.set_password(self, user, password)
class HtPasswdTestCase(_BaseTestCase):
def setUp(self):
_BaseTestCase.setUp(self)
self.env.config.set('account-manager', 'password_store',
'HtPasswdStore')
self.store = HtPasswdStore(self.env)
def test_md5(self):
self._do_password_test('test_md5',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0\n')
def test_crypt(self):
self._do_password_test('test_crypt', 'user:QdQ/xnl2v877c\n')
def test_sha(self):
self._do_password_test('test_sha',
'user:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=\n')
def test_no_trailing_newline(self):
self._do_password_test('test_no_trailing_newline',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
def test_add_with_no_trailing_newline(self):
filename = self._create_file('test_add_with_no_trailing_newline',
content='user:$apr1$'
'xW/09...$fb150dT95SoL1HwXtHS/I0')
self.env.config.set('account-manager', 'password_file', filename)
self.assertTrue(self.store.check_password('user', 'password'))
self.store.set_password('user2', 'password2')
self.assertTrue(self.store.check_password('user', 'password'))
self.assertTrue(self.store.check_password('user2', 'password2'))
def test_unicode(self):
user = u'\u4e61'
password = u'\u4e62'
self._init_password_file('test_unicode', '')
self.store.set_password(user, password)
self.assertEqual([user], list(self.store.get_users()))
self.assertTrue(self.store.check_password(user, password))
self.assertTrue(self.store.delete_user(user))
self.assertEqual([], list(self.store.get_users()))
def set_password(self, user, password):
perm = PermissionSystem(self.env)
all_perms = [ p[0] for p in perm.get_all_permissions() ]
if user in all_perms:
raise TracError('%s is a reserved name that can not be registered.' % user)
needles = [ ':', '[', ']' ]
for needle in needles:
if needle in user:
raise TracError('Character "%s" may not be used in user names.' % needle)
if len(user) < 3:
raise TracError('User name must be at least 3 characters long.')
if not re.match(r'^\w+$', user):
raise TracError('User name must consist only of alpha-numeric characters.')
if user.isupper():
raise TracError('User name must not consist of upper-case characters only.')
if WikiPage(self.env, user).exists:
raise TracError('wiki page "%s" already exists' % user)
return HtPasswdStore.set_password(self, user, password)
class HtPasswdTestCase(_BaseTestCase):
def setUp(self):
_BaseTestCase.setUp(self)
self.env.config.set('account-manager', 'password_store',
'HtPasswdStore')
self.store = HtPasswdStore(self.env)
def test_md5(self):
self._do_password_test('test_md5',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0\n')
def test_crypt(self):
self._do_password_test('test_crypt', 'user:QdQ/xnl2v877c\n')
def test_sha(self):
self._do_password_test('test_sha',
'user:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=\n')
def test_no_trailing_newline(self):
self._do_password_test('test_no_trailing_newline',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
def test_add_with_no_trailing_newline(self):
filename = self._create_file('test_add_with_no_trailing_newline',
content='user:$apr1$'
'xW/09...$fb150dT95SoL1HwXtHS/I0')
self.env.config.set('account-manager', 'password_file', filename)
self.assertTrue(self.store.check_password('user', 'password'))
self.store.set_password('user2', 'password2')
self.assertTrue(self.store.check_password('user', 'password'))
self.assertTrue(self.store.check_password('user2', 'password2'))
def test_unicode(self):
user = u'\u4e61'
password = u'\u4e62'
self._init_password_file('test_unicode', '')
self.store.set_password(user, password)
self.assertEqual([user], list(self.store.get_users()))
self.assertTrue(self.store.check_password(user, password))
self.assertTrue(self.store.delete_user(user))
self.assertEqual([], list(self.store.get_users()))
def test_update_password(self):
self._init_password_file('test_passwdupd', '')
self.store.set_password('foo', 'pass1')
self.assertFalse(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass3', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass3'))
def test_create_hash(self):
self._init_password_file('test_hash', '')
self.env.config.set('account-manager', 'htpasswd_hash_type', 'bad')
self.assertTrue(self.store.userline('user',
'password').startswith('user:'******'user', 'password'
).startswith('user:$apr1$'))
self.assertFalse(self.store.userline('user', 'password'
).startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'md5')
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:$apr1$'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha')
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
class HtPasswdTestCase(_BaseTestCase):
flavor = 'htpasswd'
def setUp(self):
_BaseTestCase.setUp(self)
self.store = HtPasswdStore(self.env)
def test_md5(self):
self._do_password_test(self.flavor, 'test_md5',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0\n')
def test_crypt(self):
self._do_password_test(self.flavor, 'test_crypt',
'user:QdQ/xnl2v877c\n')
def test_sha(self):
self._do_password_test(self.flavor, 'test_sha',
'user:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=\n')
def test_sha256(self):
try:
self._do_password_test(
self.flavor, 'test_sha256',
'user:$5$rounds=535000$saltsaltsaltsalt$'
'wfx3LZ09XA7qrZB.ttuCbBidMXt51Kgu5YQ.YFq'
'zxA7\n')
except NotImplementedError:
pass
def test_sha512(self):
try:
self._do_password_test(
self.flavor, 'test_sha512',
'user:$6$rounds=535000$saltsaltsaltsalt$'
'9ExQK2S3YXW7/FlfUcw2vy7WF.NH5ZF6SIT14Dj'
'ngOGkcx.5mINko67cLRrqFFh1AltOT4uPnET7Bs'
'JXuI56H/\n')
except NotImplementedError:
pass
def test_no_trailing_newline(self):
self._do_password_test(self.flavor, 'test_no_trailing_newline',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
def test_add_with_no_trailing_newline(self):
filename = self._create_file(
'test_add_with_no_trailing_newline',
content='user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
self.env.config.set('account-manager', 'htpasswd_file', filename)
self.assertTrue(self.store.check_password('user', 'password'))
self.store.set_password('user2', 'password2')
self.assertTrue(self.store.check_password('user', 'password'))
self.assertTrue(self.store.check_password('user2', 'password2'))
def test_update_password(self):
self._init_password_file(self.flavor, 'test_passwdupd')
self.store.set_password('foo', 'pass1')
self.assertFalse(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass3', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass3'))
def test_create_hash(self):
self._init_password_file(self.flavor, 'test_hash')
self.env.config.set('account-manager', 'htpasswd_hash_type', 'bad')
self.assertTrue(
self.store.userline('user', 'password').startswith('user:'******'user', 'password').startswith('user:$apr1$'))
self.assertFalse(
self.store.userline('user', 'password').startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'md5')
self.assertTrue(
self.store.userline('user', 'password').startswith('user:$apr1$'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha')
self.assertTrue(
self.store.userline('user', 'password').startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha256')
try:
self.assertTrue(
self.store.userline('user', 'password').startswith('user:$5$'))
except NotImplementedError:
pass
else:
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha512')
try:
self.assertTrue(
self.store.userline('user', 'password').startswith('user:$6$'))
except NotImplementedError:
pass
else:
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
class HtPasswdTestCase(_BaseTestCase):
flavor = 'htpasswd'
def setUp(self):
_BaseTestCase.setUp(self)
self.store = HtPasswdStore(self.env)
def test_md5(self):
self._do_password_test(self.flavor, 'test_md5',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0\n')
def test_crypt(self):
self._do_password_test(self.flavor, 'test_crypt',
'user:QdQ/xnl2v877c\n')
def test_sha(self):
self._do_password_test(self.flavor, 'test_sha',
'user:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=\n')
def test_sha256(self):
self._do_password_test(self.flavor, 'test_sha256',
'user:$5$saltsaltsaltsalt$'
'WsFBeg1qQ90JL3VkUTuM7xVV/5njhLngIVm6ftSnBR2\n')
def test_sha512(self):
self._do_password_test(self.flavor, 'test_sha512',
'user:$6$saltsaltsaltsalt$'
'bcXJ8qxwY5sQ4v8MTl.0B1jeZ0z0JlA9jjmbUoCJZ.1'
'wYXiLTU.q2ILyrDJLm890lyfuF7sWAeli0yjOyFPkf0\n')
def test_no_trailing_newline(self):
self._do_password_test(self.flavor, 'test_no_trailing_newline',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
def test_add_with_no_trailing_newline(self):
filename = self._create_file('test_add_with_no_trailing_newline',
content='user:$apr1$'
'xW/09...$fb150dT95SoL1HwXtHS/I0')
self.env.config.set('account-manager', 'htpasswd_file', filename)
self.assertTrue(self.store.check_password('user', 'password'))
self.store.set_password('user2', 'password2')
self.assertTrue(self.store.check_password('user', 'password'))
self.assertTrue(self.store.check_password('user2', 'password2'))
def test_update_password(self):
self._init_password_file(self.flavor, 'test_passwdupd')
self.store.set_password('foo', 'pass1')
self.assertFalse(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass3', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass3'))
def test_create_hash(self):
self._init_password_file(self.flavor, 'test_hash')
self.env.config.set('account-manager', 'htpasswd_hash_type', 'bad')
self.assertTrue(self.store.userline('user',
'password').startswith('user:'******'user', 'password'
).startswith('user:$apr1$'))
self.assertFalse(self.store.userline('user', 'password'
).startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'md5')
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:$apr1$'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha')
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha256')
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:$5$'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha512')
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:$6$'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
class HtPasswdTestCase(_BaseTestCase):
flavor = 'htpasswd'
def setUp(self):
_BaseTestCase.setUp(self)
self.store = HtPasswdStore(self.env)
def test_md5(self):
self._do_password_test(self.flavor, 'test_md5',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0\n')
def test_crypt(self):
self._do_password_test(self.flavor, 'test_crypt',
'user:QdQ/xnl2v877c\n')
def test_sha(self):
self._do_password_test(self.flavor, 'test_sha',
'user:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=\n')
def test_sha256(self):
self._do_password_test(
self.flavor, 'test_sha256', 'user:$5$saltsaltsaltsalt$'
'WsFBeg1qQ90JL3VkUTuM7xVV/5njhLngIVm6ftSnBR2\n')
def test_sha512(self):
self._do_password_test(
self.flavor, 'test_sha512', 'user:$6$saltsaltsaltsalt$'
'bcXJ8qxwY5sQ4v8MTl.0B1jeZ0z0JlA9jjmbUoCJZ.1'
'wYXiLTU.q2ILyrDJLm890lyfuF7sWAeli0yjOyFPkf0\n')
def test_no_trailing_newline(self):
self._do_password_test(self.flavor, 'test_no_trailing_newline',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
def test_add_with_no_trailing_newline(self):
filename = self._create_file('test_add_with_no_trailing_newline',
content='user:$apr1$'
'xW/09...$fb150dT95SoL1HwXtHS/I0')
self.env.config.set('account-manager', 'htpasswd_file', filename)
self.assertTrue(self.store.check_password('user', 'password'))
self.store.set_password('user2', 'password2')
self.assertTrue(self.store.check_password('user', 'password'))
self.assertTrue(self.store.check_password('user2', 'password2'))
def test_update_password(self):
self._init_password_file(self.flavor, 'test_passwdupd')
self.store.set_password('foo', 'pass1')
self.assertFalse(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass3', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass3'))
def test_create_hash(self):
self._init_password_file(self.flavor, 'test_hash')
self.env.config.set('account-manager', 'htpasswd_hash_type', 'bad')
self.assertTrue(
self.store.userline('user', 'password').startswith('user:'******'user', 'password').startswith('user:$apr1$'))
self.assertFalse(
self.store.userline('user', 'password').startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'md5')
self.assertTrue(
self.store.userline('user', 'password').startswith('user:$apr1$'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha')
self.assertTrue(
self.store.userline('user', 'password').startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha256')
self.assertTrue(
self.store.userline('user', 'password').startswith('user:$5$'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha512')
self.assertTrue(
self.store.userline('user', 'password').startswith('user:$6$'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
class HtPasswdTestCase(_BaseTestCase):
flavor = 'htpasswd'
def setUp(self):
_BaseTestCase.setUp(self)
self.store = HtPasswdStore(self.env)
def test_md5(self):
self._do_password_test(self.flavor, 'test_md5',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0\n')
def test_crypt(self):
self._do_password_test(self.flavor, 'test_crypt',
'user:QdQ/xnl2v877c\n')
def test_sha(self):
self._do_password_test(self.flavor, 'test_sha',
'user:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=\n')
def test_sha256(self):
try:
self._do_password_test(self.flavor, 'test_sha256',
'user:$5$rounds=535000$saltsaltsaltsalt$'
'wfx3LZ09XA7qrZB.ttuCbBidMXt51Kgu5YQ.YFq'
'zxA7\n')
except NotImplementedError:
pass
def test_sha512(self):
try:
self._do_password_test(self.flavor, 'test_sha512',
'user:$6$rounds=535000$saltsaltsaltsalt$'
'9ExQK2S3YXW7/FlfUcw2vy7WF.NH5ZF6SIT14Dj'
'ngOGkcx.5mINko67cLRrqFFh1AltOT4uPnET7Bs'
'JXuI56H/\n')
except NotImplementedError:
pass
def test_no_trailing_newline(self):
self._do_password_test(self.flavor, 'test_no_trailing_newline',
'user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
def test_add_with_no_trailing_newline(self):
filename = self._create_file(
'test_add_with_no_trailing_newline',
content='user:$apr1$xW/09...$fb150dT95SoL1HwXtHS/I0')
self.env.config.set('account-manager', 'htpasswd_file', filename)
self.assertTrue(self.store.check_password('user', 'password'))
self.store.set_password('user2', 'password2')
self.assertTrue(self.store.check_password('user', 'password'))
self.assertTrue(self.store.check_password('user2', 'password2'))
def test_update_password(self):
self._init_password_file(self.flavor, 'test_passwdupd')
self.store.set_password('foo', 'pass1')
self.assertFalse(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass2'))
self.store.set_password('foo', 'pass3', 'pass2')
self.assertTrue(self.store.check_password('foo', 'pass3'))
def test_create_hash(self):
self._init_password_file(self.flavor, 'test_hash')
self.env.config.set('account-manager', 'htpasswd_hash_type', 'bad')
self.assertTrue(self.store.userline('user',
'password').startswith('user:'******'user', 'password'
).startswith('user:$apr1$'))
self.assertFalse(self.store.userline('user', 'password'
).startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'md5')
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:$apr1$'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha')
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:{SHA}'))
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type', 'sha256')
try:
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:$5$'))
except NotImplementedError:
pass
else:
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))
self.env.config.set('account-manager', 'htpasswd_hash_type',
'sha512')
try:
self.assertTrue(self.store.userline('user', 'password'
).startswith('user:$6$'))
except NotImplementedError:
pass
else:
self.store.set_password('user', 'password')
self.assertTrue(self.store.check_password('user', 'password'))