Commit e55b5bf8 authored by Łukasz Nowak's avatar Łukasz Nowak

Finalise certificate management tests.

Prove that user can request and revoke certificate for himself.
Prove that user cannot request twice the certificate.
Prove that user cannot request nor revoke certificate for another one.
parent 86e8d3d0
...@@ -6997,43 +6997,82 @@ class TestVifibSlapWebService(testVifibMixin): ...@@ -6997,43 +6997,82 @@ class TestVifibSlapWebService(testVifibMixin):
# Person using PKI/Slap interface # Person using PKI/Slap interface
######################################## ########################################
def test_person_request_new_certificate(self): def _safe_revoke_certificate(self, person):
"""Chekcs that Person is capable to ask for new certificate""" from AccessControl import getSecurityManager
self.login() user = getSecurityManager().getUser().getId()
self.portal.portal_certificate_authority._checkCertificateAuthority()
person = self.portal.ERP5Site_getAuthenticatedMemberPersonValue(
'test_vifib_user_admin')
try: try:
self.login('ERP5TypeTestCase')
person.revokeCertificate() person.revokeCertificate()
except ValueError, err: except ValueError, err:
if 'No certificate for' in err.message: if 'No certificate for' in err.message:
pass pass
else: else:
raise raise
finally:
self.login(user)
def test_person_request_new_certificate(self):
"""Checks that Person is capable to ask for new certificate"""
self.login()
self.portal.portal_certificate_authority._checkCertificateAuthority()
person = self.portal.ERP5Site_getAuthenticatedMemberPersonValue(
'test_vifib_user_admin')
self._safe_revoke_certificate(person)
self.login('test_vifib_user_admin') self.login('test_vifib_user_admin')
transaction.commit()
certificate = person.getCertificate() certificate = person.getCertificate()
raise NotImplementedError self.assertTrue('CN=test_vifib_user_admin' in certificate['certificate'])
def test_person_request_revoke_certificate(self): def test_person_request_revoke_certificate(self):
"""Chekcs that Person is capable to ask for revocation of certificate""" """Chekcs that Person is capable to ask for revocation of certificate"""
raise NotImplementedError self.login()
self.portal.portal_certificate_authority._checkCertificateAuthority()
person = self.portal.ERP5Site_getAuthenticatedMemberPersonValue(
'test_vifib_user_admin')
self._safe_revoke_certificate(person)
self.login('test_vifib_user_admin')
certificate = person.getCertificate()
self.assertTrue('CN=test_vifib_user_admin' in certificate['certificate'])
person.revokeCertificate()
def test_person_request_new_certificate_twice(self): def test_person_request_new_certificate_twice(self):
"""Checks that if Person asks twice for a certificate the next call """Checks that if Person asks twice for a certificate the next call
fails""" fails"""
raise NotImplementedError self.login()
self.portal.portal_certificate_authority._checkCertificateAuthority()
person = self.portal.ERP5Site_getAuthenticatedMemberPersonValue(
'test_vifib_user_admin')
self._safe_revoke_certificate(person)
self.login('test_vifib_user_admin')
certificate = person.getCertificate()
self.assertTrue('CN=test_vifib_user_admin' in certificate['certificate'])
self.assertRaises(ValueError, person.getCertificate)
def test_person_request_certificate_for_another_person(self): def test_person_request_certificate_for_another_person(self):
"""Checks that if Person tries to request ceritifcate for someone else it """Checks that if Person tries to request ceritifcate for someone else it
will fail""" will fail"""
raise NotImplementedError from AccessControl import Unauthorized
self.login()
self.portal.portal_certificate_authority._checkCertificateAuthority()
person = self.portal.ERP5Site_getAuthenticatedMemberPersonValue(
'test_vifib_user_admin')
self._safe_revoke_certificate(person)
self.login('test_hr_admin')
self.assertRaises(Unauthorized, person.getCertificate)
def test_person_request_revoke_certificate_for_another_person(self): def test_person_request_revoke_certificate_for_another_person(self):
"""Checks that if Person tries to request ceritifcate for someone else it """Checks that if Person tries to request ceritifcate for someone else it
will fail""" will fail"""
raise NotImplementedError from AccessControl import Unauthorized
self.login()
self.portal.portal_certificate_authority._checkCertificateAuthority()
person = self.portal.ERP5Site_getAuthenticatedMemberPersonValue(
'test_vifib_user_admin')
self._safe_revoke_certificate(person)
self.login('test_vifib_user_admin')
certificate = person.getCertificate()
self.assertTrue('CN=test_vifib_user_admin' in certificate['certificate'])
self.login('test_hr_admin')
self.assertRaises(Unauthorized, person.revokeCertificate)
def stepPersonRequestSlapSoftwareInstanceNotFoundResponse(self, sequence, def stepPersonRequestSlapSoftwareInstanceNotFoundResponse(self, sequence,
**kw): **kw):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment