utils: set LDAP auth backend when resetting password of an LDAP account (#52638)

2021-04-01 17:06:39 +02:00 · 2021-04-01 17:06:39 +02:00 · 0a880ddde4
parent 269a3ba9cf
commit 0a880ddde4
2 changed files with 13 additions and 7 deletions
--- a/src/authentic2/utils/init.py
+++ b/src/authentic2/utils/init.py
@ -1150,13 +1150,14 @@ def same_origin(url1, url2):
    return True


-def simulate_authentication(
-    request, user, method, backend='authentic2.backends.models_backend.ModelBackend', service=None, **kwargs
-):
-    '''Simulate a normal login by forcing a backend attribute on the user instance'''
-    # do not modify the passed user
-    user = copy.deepcopy(user)
-    user.backend = backend
+def simulate_authentication(request, user, method, backend=None, service=None, **kwargs):
+    '''Simulate a normal login by eventually forcing a backend attribute on the
+       user instance'''
+    if not getattr(user, 'backend', None) and not backend:
+        backend = 'authentic2.backends.models_backend.ModelBackend'
+    if backend:
+        user = copy.deepcopy(user)
+        user.backend = backend
    return login(request, user, method, service=service, record=False, **kwargs)


--- a/tests/test_ldap.py
+++ b/tests/test_ldap.py
@ -878,6 +878,9 @@ def reset_password_ldap_user(settings, app):
    response.form['new_password1'] = new_password
    response.form['new_password2'] = new_password
    response = response.form.submit(status=302).maybe_follow()
+    assert app.session['_auth_user_backend'] == 'authentic2.backends.ldap_backend.LDAPBackendPasswordLost'
+    template_user = response.context['user']
+    assert 'carlicense' in template_user.get_attributes(object(), {})
    # logout
    response = response.click('Logout').maybe_follow()
    return new_password
@ -891,6 +894,7 @@ def test_reset_password_ldap_user(slapd, settings, app, db):
            'bindpw': force_text(slapd.root_bind_password),
            'basedn': u'o=ôrga',
            'use_tls': False,
+            'attributes': ['uid', 'carLicense'],
        }
    ]
    new_password = reset_password_ldap_user(settings, app)
@ -1291,6 +1295,7 @@ def test_login_ppolicy_pwdExpireWarning(slapd_ppolicy, settings, app, db, caplog
            'bindpw': force_text(slapd_ppolicy.root_bind_password),
            'basedn': u'o=ôrga',
            'use_tls': False,
+            'attributes': ['carLicense'],
        }
    ]