Commit 368d4fad authored by Jérome Perrin's avatar Jérome Perrin

Add many tests for user creation and login / password validation


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@8812 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent ba08f1bb
...@@ -36,10 +36,11 @@ if __name__ == '__main__': ...@@ -36,10 +36,11 @@ if __name__ == '__main__':
os.environ['EVENT_LOG_FILE'] = os.path.join(os.getcwd(), 'zLOG.log') os.environ['EVENT_LOG_FILE'] = os.path.join(os.getcwd(), 'zLOG.log')
os.environ['EVENT_LOG_SEVERITY'] = '-300' os.environ['EVENT_LOG_SEVERITY'] = '-300'
from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase,\
get_request
from AccessControl.SecurityManagement import newSecurityManager from AccessControl.SecurityManagement import newSecurityManager
from zLOG import LOG from zLOG import LOG
from Products.ERP5Type.tests.Sequence import Sequence, SequenceList from Products.ERP5Type.Cache import clearCache
from Products.PluggableAuthService import PluggableAuthService from Products.PluggableAuthService import PluggableAuthService
try: try:
from zope.interface.verify import verifyClass from zope.interface.verify import verifyClass
...@@ -59,13 +60,25 @@ class TestERP5Security(ERP5TypeTestCase): ...@@ -59,13 +60,25 @@ class TestERP5Security(ERP5TypeTestCase):
"""List of BT to install. """ """List of BT to install. """
return ('erp5_base',) return ('erp5_base',)
def beforeTearDown(self):
"""Clears person module and invalidate caches when tests are finished."""
clearCache()
self.getPersonModule().manage_delObjects([x for x in
self.getPersonModule().objectIds()])
get_transaction().commit()
self.tic()
def login(self, quiet=0, run=1): def login(self, quiet=0, run=1):
uf = self.getPortal().acl_users uf = self.getUserFolder()
uf._doAddUser('alex', '', ['Manager', 'Assignee', 'Assignor', uf._doAddUser('alex', '', ['Manager', 'Assignee', 'Assignor',
'Associate', 'Auditor', 'Author'], []) 'Associate', 'Auditor', 'Author'], [])
user = uf.getUserById('alex').__of__(uf) user = uf.getUserById('alex').__of__(uf)
newSecurityManager(None, user) newSecurityManager(None, user)
def getUserFolder(self):
"""Returns the acl_users. """
return self.getPortal().acl_users
def test_GroupManagerInterfaces(self, run=RUN_ALL_TESTS): def test_GroupManagerInterfaces(self, run=RUN_ALL_TESTS):
"""Tests group manager plugin respects interfaces.""" """Tests group manager plugin respects interfaces."""
if not run: if not run:
...@@ -96,7 +109,7 @@ class TestERP5Security(ERP5TypeTestCase): ...@@ -96,7 +109,7 @@ class TestERP5Security(ERP5TypeTestCase):
"""Tests user folder has correct meta type.""" """Tests user folder has correct meta type."""
if not run: if not run:
return return
self.failUnless(isinstance(self.getPortal().acl_users, self.failUnless(isinstance(self.getUserFolder(),
PluggableAuthService.PluggableAuthService)) PluggableAuthService.PluggableAuthService))
def _makePerson(self, **kw): def _makePerson(self, **kw):
...@@ -109,10 +122,69 @@ class TestERP5Security(ERP5TypeTestCase): ...@@ -109,10 +122,69 @@ class TestERP5Security(ERP5TypeTestCase):
self.tic() self.tic()
return new_person return new_person
def _assertUserExists(self, login, password):
"""Checks that a user with login and password exists and can log in to the
system.
"""
from Products.PluggableAuthService.interfaces.plugins import\
IAuthenticationPlugin
uf = self.getUserFolder()
self.assertNotEquals(uf.getUserById(login, None), None)
for plugin_name, plugin in uf._getOb('plugins').listPlugins(
IAuthenticationPlugin ):
if plugin.authenticateCredentials(
{'login':login, 'password':password}) is not None:
break
else:
self.fail("No plugin could authenticate '%s' with password '%s'" %
(login, password))
def _assertUserDoesNotExists(self, login, password):
"""Checks that a user with login and password does not exists and cannot
log in to the system.
"""
from Products.PluggableAuthService.interfaces.plugins import\
IAuthenticationPlugin
uf = self.getUserFolder()
for plugin_name, plugin in uf._getOb('plugins').listPlugins(
IAuthenticationPlugin ):
if plugin.authenticateCredentials(
{'login':login, 'password':password}) is not None:
self.fail(
"Plugin %s should not have authenticated '%s' with password '%s'" %
(plugin_name, login, password))
def test_PersonWithLoginPasswordAreUsers(self, run=RUN_ALL_TESTS):
"""Tests a person with a login & password is a valid user."""
p = self._makePerson(reference='the_user', password='secret',
career_role='internal')
self._assertUserExists('the_user', 'secret')
def test_PersonWithLoginWithEmptyPasswordAreNotUsers(self, run=RUN_ALL_TESTS):
"""Tests a person with a login but no password is not a valid user."""
self._makePerson(reference='the_user', career_role='internal')
self._assertUserDoesNotExists('the_user', None)
self._makePerson(reference='another_user', password='',
career_role='internal')
self._assertUserDoesNotExists('another_user', '')
def test_PersonWithEmptyLoginAreNotUsers(self, run=RUN_ALL_TESTS):
"""Tests a person with a login & password is a valid user."""
self._makePerson(reference='', password='secret', career_role='internal')
self._assertUserDoesNotExists('', 'secret')
def test_PersonWithSuperUserLogin(self, run=RUN_ALL_TESTS):
"""Tests one cannot create person with the "super user" special login."""
from Products.ERP5Security.ERP5UserManager import SUPER_USER
self.assertRaises(RuntimeError, self._makePerson, reference=SUPER_USER)
def test_PersonWithSuperUserLogin(self, run=RUN_ALL_TESTS):
"""Tests one cannot use the "super user" special login."""
from Products.ERP5Security.ERP5UserManager import SUPER_USER
self._assertUserDoesNotExists(SUPER_USER, '')
def test_MultiplePersonReference(self, run=RUN_ALL_TESTS): def test_MultiplePersonReference(self, run=RUN_ALL_TESTS):
"""Tests that it's refused to create two Persons with same reference.""" """Tests that it's refused to create two Persons with same reference."""
if not run:
return
self._makePerson(reference='new_person') self._makePerson(reference='new_person')
self.assertRaises(RuntimeError, self._makePerson, reference='new_person') self.assertRaises(RuntimeError, self._makePerson, reference='new_person')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment