entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 33 Releases Activity

tests: improve ldap tests with non ASCII characters in uid (#31273)

This commit is contained in:
Benjamin Dauvergne 2019-03-11 20:49:20 +01:00
parent b475f6b7df
commit fe345e5746
1 changed files with 61 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
tests/test_ldap.py
View File

@ -26,9 +26,11 @@ from ldap.dn import escape_dn_chars
from ldaptools.slapd import Slapd, has_slapd
from django.contrib.auth import get_user_model, authenticate
from django.core.exceptions import ImproperlyConfigured
from django.core import management
from django.core import mail
from django.utils.encoding import force_text
from django.utils import timezone
from django.utils.six.moves.urllib import parse as urlparse
from authentic2.a2_rbac.utils import get_default_ou
from django_rbac.utils import get_ou_model
@ -88,11 +90,11 @@ objectClass: groupOfNames
member: {dn}
'''.format(dn=DN, uid=UID, password=PASS))
for i in range(100):
slapd.add_ldif('''dn: uid=michu{i},o=ôrga
for i in range(5):
slapd.add_ldif('''dn: uid=mïchu{i},o=ôrga
objectClass: inetOrgPerson
userPassword: {password}
uid: michu{i}
uid: mïchu{i}
cn: Étienne Michu
sn: Michu
gn: Étienne
@ -105,8 +107,6 @@ gidNumber: 10
objectClass: posixGroup
memberUid: {uid}
'''.format(uid=UID)
for i in range(100):
group_ldif += 'memberUid: michu{i}\n'.format(i=i)
group_ldif += '\n\n'
slapd.add_ldif(group_ldif)
return slapd
@ -381,6 +381,7 @@ def test_group_staff(slapd, settings, client, db):
def test_get_users(slapd, settings, db):
import django.db.models.base
from types import MethodType
from django.contrib.auth.models import Group
settings.LDAP_AUTH_SETTINGS = [{
'url': [slapd.ldap_url],
@ -398,13 +399,16 @@ def test_get_users(slapd, settings, db):
django.db.models.query.QuerySet.bulk_create = MethodType(bulk_create, None,
django.db.models.query.QuerySet)
assert Group.objects.count() == 0
# Provision all users and their groups
assert User.objects.count() == 0
users = list(ldap_backend.LDAPBackend.get_users())
assert len(users) == 101
assert User.objects.count() == 101
assert bulk_create.call_count == 101
assert save.call_count == 303
assert len(users) == 6
assert User.objects.count() == 6
assert bulk_create.call_count == 1
assert save.call_count == 18
assert Group.objects.count() == 1
assert Group.objects.get().user_set.count() == 1
# Check that if nothing changed no save() is made
save.reset_mock()
@ -416,11 +420,11 @@ def test_get_users(slapd, settings, db):
# Check that if we delete 1 user, only this user is created
save.reset_mock()
bulk_create.reset_mock()
User.objects.last().delete()
assert User.objects.count() == 100
User.objects.filter(username='etienne.michu@ldap').delete()
assert User.objects.count() == 5
users = list(ldap_backend.LDAPBackend.get_users())
assert len(users) == 101
assert User.objects.count() == 101
assert len(users) == 6
assert User.objects.count() == 6
assert save.call_count == 3
assert bulk_create.call_count == 1
@ -431,8 +435,8 @@ def test_get_users(slapd, settings, db):
save.reset_mock()
bulk_create.reset_mock()
users = list(ldap_backend.LDAPBackend.get_users())
assert len(users) == 101
assert User.objects.count() == 101
assert len(users) == 6
assert User.objects.count() == 6
assert save.call_count == 0
assert bulk_create.call_count == 0
@ -446,9 +450,9 @@ def test_get_users(slapd, settings, db):
user = ldap_backend.LDAPUser.objects.get(username='%s@ldap' % UID)
user.last_login = timezone.now()
user.save()
assert ldap_backend.LDAPUser.objects.count() == 102
assert ldap_backend.LDAPUser.objects.count() == 7
users = list(ldap_backend.LDAPBackend.get_users())
assert len(users) == 101
assert len(users) == 6
assert ldap_backend.LDAPUser.objects.filter(username='%s' % UID.capitalize()).count() == 0
@ -694,11 +698,11 @@ def test_user_attributes(slapd, settings, client, db):
client.post('/login/',
{
'login-password-submit': '1',
'username': 'michu%s' % i,
'username': u'chu%s' % i,
'password': PASS,
},
follow=True)
username = u'michu%s@ldap' % i
username = u'mïchu%s@ldap' % i
user = User.objects.get(username=username)
assert user.attributes.locality == u'locality%s' % i
client.session.flush()
@ -774,3 +778,41 @@ def test_ou_selector_default_ou(slapd, settings, app, ou1):
response.form.set('ou', str(get_default_ou().pk))
response = response.form.submit(name='login-password-submit').follow()
assert '_auth_user_id' in app.session
def test_sync_ldap_users(slapd, settings, app, db):
settings.LDAP_AUTH_SETTINGS = [{
'url': [slapd.ldap_url],
'basedn': u'o=ôrga',
'use_tls': False,
'user_attributes': [
{
'from_ldap': 'l',
'to_user': 'locality',
},
]
}]
# create a locality attribute
models.Attribute.objects.create(
label='locality',
name='locality',
kind='string',
required=False,
user_visible=True,
user_editable=False,
asked_on_registration=False,
multiple=False)
assert User.objects.count() == 0
management.call_command('sync-ldap-users')
assert User.objects.count() == 6
assert all(user.first_name == u'Étienne' for user in User.objects.all())
assert all(user.attributes.first_name == u'Étienne' for user in User.objects.all())
assert all(user.last_name == u'Michu' for user in User.objects.all())
assert all(user.attributes.last_name == u'Michu' for user in User.objects.all())
assert all(user.attributes.locality == u'Paris' or user.attributes.locality.startswith('locality')
for user in User.objects.all())
assert all([user.userexternalid_set.first().external_id
== urlparse.quote(user.username.split('@')[0].encode('utf-8'))
for user in User.objects.all()])