python3: encoding variations in ldap testing

2020-02-07 14:11:45 +01:00 · 2020-02-07 14:11:45 +01:00 · f8d17c020e
parent a93bcee205
commit f8d17c020e
1 changed files with 21 additions and 20 deletions
--- a/tests/test_ldap.py
+++ b/tests/test_ldap.py
@ -28,6 +28,7 @@ from django.contrib.auth import get_user_model
 from django.core.exceptions import ImproperlyConfigured
 from django.core import management
 from django.core import mail
+from django.utils.encoding import force_bytes
 from django.utils.encoding import force_text
 from django.utils import timezone
 from django.utils.six.moves.urllib import parse as urlparse
@ -132,7 +133,7 @@ def test_simple(slapd, settings, client, db):
                                     'username': USERNAME,
                                     'password': PASS}, follow=True)
    assert result.status_code == 200
-    assert 'Étienne Michu' in str(result)
+    assert force_bytes('Étienne Michu') in result.content
    assert User.objects.count() == 1
    user = User.objects.get()
    assert user.username == u'%s@ldap' % USERNAME
@ -160,7 +161,7 @@ def test_simple_with_binddn(slapd, settings, client):
                                     'username': USERNAME,
                                     'password': PASS}, follow=True)
    assert result.status_code == 200
-    assert 'Étienne Michu' in str(result)
+    assert force_bytes('Étienne Michu') in result.content
    assert User.objects.count() == 1
    user = User.objects.get()
    assert user.username == u'%s@ldap' % USERNAME
@ -196,9 +197,9 @@ def test_keep_password_in_session(slapd, settings, client, db):
    }]
    result = client.post('/login/', {'login-password-submit': '1',
                                     'username': USERNAME,
-                                     'password': PASS.decode('utf-8')}, follow=True)
+                                     'password': PASS}, follow=True)
    assert result.status_code == 200
-    assert 'Étienne Michu' in str(result)
+    assert force_bytes('Étienne Michu') in result.content
    assert User.objects.count() == 1
    user = User.objects.get()
    assert user.username == u'%s@ldap' % USERNAME
@ -207,9 +208,9 @@ def test_keep_password_in_session(slapd, settings, client, db):
    assert user.ou == get_default_ou()
    assert not user.check_password(PASS)
    assert client.session['ldap-data']['password']
-    assert DN in result.context['request'].user.ldap_data['password']
+    assert force_bytes(DN) in result.context['request'].user.ldap_data[b'password']
    assert crypto.aes_base64_decrypt(
-        settings.SECRET_KEY, result.context['request'].user.ldap_data['password'][DN]) == PASS
+        settings.SECRET_KEY, result.context['request'].user.ldap_data[b'password'][force_bytes(DN)]) == force_bytes(PASS)


@pytest.mark.django_db
@ -226,7 +227,7 @@ def test_custom_ou(slapd, settings, client):
                                     'username': USERNAME,
                                     'password': PASS}, follow=True)
    assert result.status_code == 200
-    assert 'Étienne Michu' in str(result)
+    assert force_bytes('Étienne Michu') in result.content
    assert User.objects.count() == 1
    user = User.objects.get()
    assert user.username == u'%s@ldap' % USERNAME
@ -579,7 +580,7 @@ def slapd_strict_acl(slapd):
        dn,
        [
            (ldap.MOD_REPLACE, 'olcAccess', [
-                '{0}to * by dn.subtree="o=ôrga" none by * manage'
+                force_bytes('{0}to * by dn.subtree="o=ôrga" none by * manage')
            ])
        ])
    return slapd
@ -603,14 +604,14 @@ def test_no_connect_with_user_credentials(slapd_strict_acl, db, settings, app):
    response.form.set('password', PASS)
    response = response.form.submit('login-password-submit')
    assert response.status_code == 200
-    assert 'Étienne Michu' not in response.body
+    assert force_bytes('Étienne Michu') not in response.body

    settings.LDAP_AUTH_SETTINGS[0]['connect_with_user_credentials'] = False
    response = app.get('/login/')
    response.form.set('username', USERNAME)
    response.form.set('password', PASS)
    response = response.form.submit('login-password-submit').follow()
-    assert 'Étienne Michu' in response.body
+    assert force_bytes('Étienne Michu') in response.body


 def test_reset_password_ldap_user(slapd, settings, app, db):
@ -645,7 +646,7 @@ def test_reset_password_ldap_user(slapd, settings, app, db):
    reset_email_url = utils.get_link_from_mail(mail.outbox[0])
    response = app.get(reset_email_url, status=302)
    response = response.maybe_follow()
-    assert 'login-password-submit' in response.content
+    assert 'login-password-submit' in response.text
    settings.LDAP_AUTH_SETTINGS[0]['can_reset_password'] = True
    response = app.get(reset_email_url, status=200)
    new_password = 'Aa1xxxxx'
@ -683,8 +684,8 @@ def test_user_cannot_change_password(slapd, settings, app, db):
 def test_tls(db, tls_slapd, settings, client):
    conn = tls_slapd.get_connection_admin()
    conn.modify_s('cn=config', [
-        (ldap.MOD_ADD, 'olcTLSCACertificateFile', cert_file),
-        (ldap.MOD_ADD, 'olcTLSVerifyClient', 'demand'),
+        (ldap.MOD_ADD, 'olcTLSCACertificateFile', force_bytes(cert_file)),
+        (ldap.MOD_ADD, 'olcTLSVerifyClient', b'demand'),
    ])

    # without TLS it does not work
@ -697,8 +698,8 @@ def test_tls(db, tls_slapd, settings, client):
                                     'username': USERNAME,
                                     'password': PASS}, follow=True)
    assert result.status_code == 200
-    assert 'Étienne Michu' not in str(result)
-    assert 'name="username"' in str(result)
+    assert force_bytes('Étienne Michu') not in result.content
+    assert force_bytes('name="username"') in result.content

    # without TLS client authentication it does not work
    settings.LDAP_AUTH_SETTINGS = [{
@ -711,8 +712,8 @@ def test_tls(db, tls_slapd, settings, client):
                                     'username': USERNAME,
                                     'password': PASS}, follow=True)
    assert result.status_code == 200
-    assert 'Étienne Michu' not in str(result)
-    assert 'name="username"' in str(result)
+    assert force_bytes('Étienne Michu') not in result.content
+    assert force_bytes('name="username"') in result.content

    # now it works !
    settings.LDAP_AUTH_SETTINGS = [{
@ -727,8 +728,8 @@ def test_tls(db, tls_slapd, settings, client):
                                     'username': USERNAME,
                                     'password': PASS}, follow=True)
    assert result.status_code == 200
-    assert 'Étienne Michu' in str(result)
-    assert 'name="username"' not in str(result)
+    assert force_bytes('Étienne Michu') in result.content
+    assert force_bytes('name="username"') not in result.content


 def test_user_attributes(slapd, settings, client, db):
@ -939,7 +940,7 @@ def test_get_attributes(slapd, settings, db, rf):
    assert user.check_password(UPASS)
    # modify LDAP record and check attributes are updated
    conn = slapd.get_connection_admin()
-    ldif = [(ldap.MOD_REPLACE, 'sn', ['Micho'])]
+    ldif = [(ldap.MOD_REPLACE, 'sn', [b'Micho'])]
    conn.modify_s(DN, ldif)
    assert user.get_attributes(object(), {}) == {
        'dn': u'cn=\xc9tienne Michu,o=\xf4rga',