tests: improve ldap tests with non ASCII characters in uid (#31273)
This commit is contained in:
parent
b475f6b7df
commit
fe345e5746
|
@ -26,9 +26,11 @@ from ldap.dn import escape_dn_chars
|
||||||
from ldaptools.slapd import Slapd, has_slapd
|
from ldaptools.slapd import Slapd, has_slapd
|
||||||
from django.contrib.auth import get_user_model, authenticate
|
from django.contrib.auth import get_user_model, authenticate
|
||||||
from django.core.exceptions import ImproperlyConfigured
|
from django.core.exceptions import ImproperlyConfigured
|
||||||
|
from django.core import management
|
||||||
from django.core import mail
|
from django.core import mail
|
||||||
from django.utils.encoding import force_text
|
from django.utils.encoding import force_text
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
|
from django.utils.six.moves.urllib import parse as urlparse
|
||||||
|
|
||||||
from authentic2.a2_rbac.utils import get_default_ou
|
from authentic2.a2_rbac.utils import get_default_ou
|
||||||
from django_rbac.utils import get_ou_model
|
from django_rbac.utils import get_ou_model
|
||||||
|
@ -88,11 +90,11 @@ objectClass: groupOfNames
|
||||||
member: {dn}
|
member: {dn}
|
||||||
|
|
||||||
'''.format(dn=DN, uid=UID, password=PASS))
|
'''.format(dn=DN, uid=UID, password=PASS))
|
||||||
for i in range(100):
|
for i in range(5):
|
||||||
slapd.add_ldif('''dn: uid=michu{i},o=ôrga
|
slapd.add_ldif('''dn: uid=mïchu{i},o=ôrga
|
||||||
objectClass: inetOrgPerson
|
objectClass: inetOrgPerson
|
||||||
userPassword: {password}
|
userPassword: {password}
|
||||||
uid: michu{i}
|
uid: mïchu{i}
|
||||||
cn: Étienne Michu
|
cn: Étienne Michu
|
||||||
sn: Michu
|
sn: Michu
|
||||||
gn: Étienne
|
gn: Étienne
|
||||||
|
@ -105,8 +107,6 @@ gidNumber: 10
|
||||||
objectClass: posixGroup
|
objectClass: posixGroup
|
||||||
memberUid: {uid}
|
memberUid: {uid}
|
||||||
'''.format(uid=UID)
|
'''.format(uid=UID)
|
||||||
for i in range(100):
|
|
||||||
group_ldif += 'memberUid: michu{i}\n'.format(i=i)
|
|
||||||
group_ldif += '\n\n'
|
group_ldif += '\n\n'
|
||||||
slapd.add_ldif(group_ldif)
|
slapd.add_ldif(group_ldif)
|
||||||
return slapd
|
return slapd
|
||||||
|
@ -381,6 +381,7 @@ def test_group_staff(slapd, settings, client, db):
|
||||||
def test_get_users(slapd, settings, db):
|
def test_get_users(slapd, settings, db):
|
||||||
import django.db.models.base
|
import django.db.models.base
|
||||||
from types import MethodType
|
from types import MethodType
|
||||||
|
from django.contrib.auth.models import Group
|
||||||
|
|
||||||
settings.LDAP_AUTH_SETTINGS = [{
|
settings.LDAP_AUTH_SETTINGS = [{
|
||||||
'url': [slapd.ldap_url],
|
'url': [slapd.ldap_url],
|
||||||
|
@ -398,13 +399,16 @@ def test_get_users(slapd, settings, db):
|
||||||
django.db.models.query.QuerySet.bulk_create = MethodType(bulk_create, None,
|
django.db.models.query.QuerySet.bulk_create = MethodType(bulk_create, None,
|
||||||
django.db.models.query.QuerySet)
|
django.db.models.query.QuerySet)
|
||||||
|
|
||||||
|
assert Group.objects.count() == 0
|
||||||
# Provision all users and their groups
|
# Provision all users and their groups
|
||||||
assert User.objects.count() == 0
|
assert User.objects.count() == 0
|
||||||
users = list(ldap_backend.LDAPBackend.get_users())
|
users = list(ldap_backend.LDAPBackend.get_users())
|
||||||
assert len(users) == 101
|
assert len(users) == 6
|
||||||
assert User.objects.count() == 101
|
assert User.objects.count() == 6
|
||||||
assert bulk_create.call_count == 101
|
assert bulk_create.call_count == 1
|
||||||
assert save.call_count == 303
|
assert save.call_count == 18
|
||||||
|
assert Group.objects.count() == 1
|
||||||
|
assert Group.objects.get().user_set.count() == 1
|
||||||
|
|
||||||
# Check that if nothing changed no save() is made
|
# Check that if nothing changed no save() is made
|
||||||
save.reset_mock()
|
save.reset_mock()
|
||||||
|
@ -416,11 +420,11 @@ def test_get_users(slapd, settings, db):
|
||||||
# Check that if we delete 1 user, only this user is created
|
# Check that if we delete 1 user, only this user is created
|
||||||
save.reset_mock()
|
save.reset_mock()
|
||||||
bulk_create.reset_mock()
|
bulk_create.reset_mock()
|
||||||
User.objects.last().delete()
|
User.objects.filter(username='etienne.michu@ldap').delete()
|
||||||
assert User.objects.count() == 100
|
assert User.objects.count() == 5
|
||||||
users = list(ldap_backend.LDAPBackend.get_users())
|
users = list(ldap_backend.LDAPBackend.get_users())
|
||||||
assert len(users) == 101
|
assert len(users) == 6
|
||||||
assert User.objects.count() == 101
|
assert User.objects.count() == 6
|
||||||
assert save.call_count == 3
|
assert save.call_count == 3
|
||||||
assert bulk_create.call_count == 1
|
assert bulk_create.call_count == 1
|
||||||
|
|
||||||
|
@ -431,8 +435,8 @@ def test_get_users(slapd, settings, db):
|
||||||
save.reset_mock()
|
save.reset_mock()
|
||||||
bulk_create.reset_mock()
|
bulk_create.reset_mock()
|
||||||
users = list(ldap_backend.LDAPBackend.get_users())
|
users = list(ldap_backend.LDAPBackend.get_users())
|
||||||
assert len(users) == 101
|
assert len(users) == 6
|
||||||
assert User.objects.count() == 101
|
assert User.objects.count() == 6
|
||||||
assert save.call_count == 0
|
assert save.call_count == 0
|
||||||
assert bulk_create.call_count == 0
|
assert bulk_create.call_count == 0
|
||||||
|
|
||||||
|
@ -446,9 +450,9 @@ def test_get_users(slapd, settings, db):
|
||||||
user = ldap_backend.LDAPUser.objects.get(username='%s@ldap' % UID)
|
user = ldap_backend.LDAPUser.objects.get(username='%s@ldap' % UID)
|
||||||
user.last_login = timezone.now()
|
user.last_login = timezone.now()
|
||||||
user.save()
|
user.save()
|
||||||
assert ldap_backend.LDAPUser.objects.count() == 102
|
assert ldap_backend.LDAPUser.objects.count() == 7
|
||||||
users = list(ldap_backend.LDAPBackend.get_users())
|
users = list(ldap_backend.LDAPBackend.get_users())
|
||||||
assert len(users) == 101
|
assert len(users) == 6
|
||||||
assert ldap_backend.LDAPUser.objects.filter(username='%s' % UID.capitalize()).count() == 0
|
assert ldap_backend.LDAPUser.objects.filter(username='%s' % UID.capitalize()).count() == 0
|
||||||
|
|
||||||
|
|
||||||
|
@ -694,11 +698,11 @@ def test_user_attributes(slapd, settings, client, db):
|
||||||
client.post('/login/',
|
client.post('/login/',
|
||||||
{
|
{
|
||||||
'login-password-submit': '1',
|
'login-password-submit': '1',
|
||||||
'username': 'michu%s' % i,
|
'username': u'mïchu%s' % i,
|
||||||
'password': PASS,
|
'password': PASS,
|
||||||
},
|
},
|
||||||
follow=True)
|
follow=True)
|
||||||
username = u'michu%s@ldap' % i
|
username = u'mïchu%s@ldap' % i
|
||||||
user = User.objects.get(username=username)
|
user = User.objects.get(username=username)
|
||||||
assert user.attributes.locality == u'locality%s' % i
|
assert user.attributes.locality == u'locality%s' % i
|
||||||
client.session.flush()
|
client.session.flush()
|
||||||
|
@ -774,3 +778,41 @@ def test_ou_selector_default_ou(slapd, settings, app, ou1):
|
||||||
response.form.set('ou', str(get_default_ou().pk))
|
response.form.set('ou', str(get_default_ou().pk))
|
||||||
response = response.form.submit(name='login-password-submit').follow()
|
response = response.form.submit(name='login-password-submit').follow()
|
||||||
assert '_auth_user_id' in app.session
|
assert '_auth_user_id' in app.session
|
||||||
|
|
||||||
|
|
||||||
|
def test_sync_ldap_users(slapd, settings, app, db):
|
||||||
|
settings.LDAP_AUTH_SETTINGS = [{
|
||||||
|
'url': [slapd.ldap_url],
|
||||||
|
'basedn': u'o=ôrga',
|
||||||
|
'use_tls': False,
|
||||||
|
'user_attributes': [
|
||||||
|
{
|
||||||
|
'from_ldap': 'l',
|
||||||
|
'to_user': 'locality',
|
||||||
|
},
|
||||||
|
]
|
||||||
|
}]
|
||||||
|
|
||||||
|
# create a locality attribute
|
||||||
|
models.Attribute.objects.create(
|
||||||
|
label='locality',
|
||||||
|
name='locality',
|
||||||
|
kind='string',
|
||||||
|
required=False,
|
||||||
|
user_visible=True,
|
||||||
|
user_editable=False,
|
||||||
|
asked_on_registration=False,
|
||||||
|
multiple=False)
|
||||||
|
|
||||||
|
assert User.objects.count() == 0
|
||||||
|
management.call_command('sync-ldap-users')
|
||||||
|
assert User.objects.count() == 6
|
||||||
|
assert all(user.first_name == u'Étienne' for user in User.objects.all())
|
||||||
|
assert all(user.attributes.first_name == u'Étienne' for user in User.objects.all())
|
||||||
|
assert all(user.last_name == u'Michu' for user in User.objects.all())
|
||||||
|
assert all(user.attributes.last_name == u'Michu' for user in User.objects.all())
|
||||||
|
assert all(user.attributes.locality == u'Paris' or user.attributes.locality.startswith('locality')
|
||||||
|
for user in User.objects.all())
|
||||||
|
assert all([user.userexternalid_set.first().external_id
|
||||||
|
== urlparse.quote(user.username.split('@')[0].encode('utf-8'))
|
||||||
|
for user in User.objects.all()])
|
||||||
|
|
Loading…
Reference in New Issue