77 lines
2.6 KiB
Python
77 lines
2.6 KiB
Python
# authentic2 - versatile identity manager
|
|
# Copyright (C) 2010-2022 Entr'ouvert
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify it
|
|
# under the terms of the GNU Affero General Public License as published
|
|
# by the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
from .utils import login, logout
|
|
|
|
|
|
def test_authenticators_authorization(app, simple_user, superuser):
|
|
resp = login(app, simple_user)
|
|
app.get('/manage/authenticators/', status=403)
|
|
|
|
logout(app)
|
|
resp = login(app, superuser, path='/manage/')
|
|
assert 'Authenticators' in resp.text
|
|
|
|
resp = resp.click('Authenticators')
|
|
assert 'Authenticators' in resp.text
|
|
|
|
|
|
def test_authenticators_password(app, superuser):
|
|
resp = login(app, superuser, path='/manage/authenticators/')
|
|
# Password authenticator already exists
|
|
assert 'Password' in resp.text
|
|
|
|
resp = resp.click('Configure')
|
|
assert 'Click "Edit" to change configuration.' in resp.text
|
|
# cannot delete password authenticator
|
|
assert 'Delete' not in resp.text
|
|
app.get('/manage/authenticators/1/delete/', status=403)
|
|
|
|
resp = resp.click('Edit')
|
|
assert list(resp.form.fields) == [
|
|
'csrfmiddlewaretoken',
|
|
'order',
|
|
'show_condition',
|
|
'remember_me',
|
|
'include_ou_selector',
|
|
None,
|
|
]
|
|
|
|
resp.form['show_condition'] = '}'
|
|
resp = resp.form.submit()
|
|
assert 'template syntax error: Could not parse' in resp.text
|
|
|
|
resp.form['show_condition'] = "'backoffice' in login_hint or remotre_addr == '1.2.3.4'"
|
|
resp = resp.form.submit().follow()
|
|
assert 'Click "Edit" to change configuration.' not in resp.text
|
|
assert (
|
|
"Show condition: 'backoffice' in login_hint or remotre_addr == '1.2.3.4'" in resp.text
|
|
)
|
|
|
|
resp = resp.click('Disable').follow()
|
|
assert 'Authenticator has been disabled.' in resp.text
|
|
|
|
resp = app.get('/manage/authenticators/')
|
|
assert 'class="section disabled"' in resp.text
|
|
|
|
resp = resp.click('Configure')
|
|
resp = resp.click('Enable').follow()
|
|
assert 'Authenticator has been enabled.' in resp.text
|
|
|
|
# cannot add another password authenticator
|
|
resp = app.get('/manage/authenticators/add/')
|
|
assert 'Password' not in resp.text
|