add tests and tox.ini (fixes #10069)

2016-02-24 01:01:33 +01:00 · 2016-02-24 01:01:33 +01:00 · ab48782517
parent f359d594a5
commit ab48782517
2 changed files with 158 additions and 0 deletions
--- a/tests/test_ldap_backend.py
+++ b/tests/test_ldap_backend.py
@ -0,0 +1,109 @@
+import logging
+import pytest
+
+from ldaptools.slapd import Slapd
+
+
+pytestmark = pytest.mark.django_db
+
+@pytest.fixture
+def slapd(request, settings):
+    slapd = Slapd(ldap_url=getattr(request, 'param', None))
+    slapd.add_ldif('''dn: uid=john.doe,o=orga
+objectClass: inetOrgPerson
+cn: John Doe
+sn: Doe
+mail: john.doe@example.com
+uid: john.doe
+uid: john.doe@entrouvert.com
+''')
+    settings.LDAP_AUTH_SETTINGS = [
+        {
+            'url': [slapd.ldap_url],
+            'basedn': 'o=orga',
+            'use_tls': False,
+        }
+    ]
+    return slapd
+
+def test_authenticate_no_principal_filter(slapd):
+    from authentic2_auth_kerberos.backends import A2LdapKerberosBackend
+
+    backend = A2LdapKerberosBackend()
+    assert backend.authenticate(principal='john.doe@ENTROUVERT.COM') is None
+
+def test_authenticate_success(slapd, settings, django_user_model, caplog):
+    from authentic2_auth_kerberos.backends import A2LdapKerberosBackend
+
+    User = django_user_model
+    settings.LDAP_AUTH_SETTINGS[0]['principal_filter'] = 'uid={username}'
+    backend = A2LdapKerberosBackend()
+    with caplog.atLevel(logging.INFO):
+        assert not backend.authenticate(principal='john.doe@ENTROUVERT.COM') is None
+    user = User.objects.get()
+    assert user.username == 'john.doe@ldap'
+    assert user.email == 'john.doe@example.com'
+    assert not caplog.records()
+
+
+def test_authenticate_principal_filter_with_realm(slapd, settings, django_user_model, caplog):
+    from authentic2_auth_kerberos.backends import A2LdapKerberosBackend
+
+    User = django_user_model
+    settings.LDAP_AUTH_SETTINGS[0]['principal_filter'] = 'uid={username}@{realm}'
+    backend = A2LdapKerberosBackend()
+    with caplog.atLevel(logging.INFO):
+        assert not backend.authenticate(principal='john.doe@ENTROUVERT.COM') is None
+    user = User.objects.get()
+    assert user.username == 'john.doe@ldap'
+    assert user.email == 'john.doe@example.com'
+    assert not caplog.records()
+
+
+def test_authenticate_bad_principal_filter(slapd, settings, django_user_model, caplog):
+    from authentic2_auth_kerberos.backends import A2LdapKerberosBackend
+
+    User = django_user_model
+    settings.LDAP_AUTH_SETTINGS[0]['principal_filter'] = 'uid={user}'
+    backend = A2LdapKerberosBackend()
+    with caplog.atLevel(logging.INFO):
+        assert backend.authenticate(principal='john.doe@ENTROUVERT.COM') is None
+    assert len(caplog.records()) == 1
+    assert 'principal_filter does not' in caplog.text()
+
+
+def test_authenticate_limit_to_realm_failure(slapd, settings, django_user_model, caplog):
+    from authentic2_auth_kerberos.backends import A2LdapKerberosBackend
+
+    User = django_user_model
+    settings.LDAP_AUTH_SETTINGS[0]['principal_filter'] = 'uid={username}'
+    settings.LDAP_AUTH_SETTINGS[0]['limit_to_realm'] = True
+    backend = A2LdapKerberosBackend()
+    with caplog.atLevel(logging.INFO):
+        assert backend.authenticate(principal='john.doe@ENTROUVERT.COM') is None
+    assert not caplog.records()
+
+
+def test_authenticate_limit_to_realm_success(slapd, settings, django_user_model):
+    from authentic2_auth_kerberos.backends import A2LdapKerberosBackend
+
+    User = django_user_model
+    settings.LDAP_AUTH_SETTINGS[0]['principal_filter'] = 'uid={username}'
+    settings.LDAP_AUTH_SETTINGS[0]['limit_to_realm'] = True
+    settings.LDAP_AUTH_SETTINGS[0]['realm'] = 'ENTROUVERT.COM'
+    backend = A2LdapKerberosBackend()
+    assert not backend.authenticate(principal='john.doe@ENTROUVERT.COM') is None
+    user = User.objects.get()
+    assert user.username == 'john.doe@ENTROUVERT.COM'
+
+
+def test_authenticate_limit_to_realm_success(slapd, settings, django_user_model, caplog):
+    from authentic2_auth_kerberos.backends import A2LdapKerberosBackend
+
+    User = django_user_model
+    settings.LDAP_AUTH_SETTINGS[0]['principal_filter'] = 'uid={username}'
+    backend = A2LdapKerberosBackend()
+    with caplog.atLevel(logging.INFO):
+        assert backend.authenticate(principal='foo.bar@ENTROUVERT.COM') is None
+    assert len(caplog.records()) == 1
+    assert 'principal foo.bar@ENTROUVERT.COM not found' in caplog.text()
--- a/tox.ini
+++ b/tox.ini
@ -0,0 +1,49 @@
+# Tox (http://tox.testrun.org/) is a tool for running tests
+# in multiple virtualenvs. This configuration file will run the
+# test suite on all supported python versions. To use it, "pip install tox"
+# and then run "tox" from this directory.
+
+[tox]
+envlist = coverage, nocoverage, package
+
+[testenv:coverage]
+setenv =
+    DJANGO_SETTINGS_MODULE=authentic2.settings
+usedevelop = true
+deps = pytest
+    pytest-cov
+    pytest-random
+    pytest-django
+    pytest-capturelog
+    ldaptools
+    http://git.entrouvert.org/authentic.git/snapshot/authentic-master.tar.bz2
+    django-kerberos
+commands =
+    py.test {posargs:--junit-xml=junit.xml --cov=src --cov-report xml --nomigrations tests}
+
+[testenv:nocoverage]
+setenv =
+    DJANGO_SETTINGS_MODULE=authentic2.settings
+deps = pytest
+    pytest-cov
+    pytest-random
+    pytest-django
+    pytest-capturelog
+    ldaptools
+    http://git.entrouvert.org/authentic.git/snapshot/authentic-master.tar.bz2
+    django-kerberos
+commands =
+    pip install -e ../authentic2
+    py.test {posargs:--nomigrations tests}
+
+[testenv:package]
+# eobuilder is not on pypi, too bad
+whitelist_externals = /bin/sh
+deps = setuptools
+  pip<8
+  pyasn1
+  ndg-httpsclient
+  pyopenssl
+commands =
+  pip install -U --find-links https://jenkins.entrouvert.org/packages/ eobuilder
+  sh -c "sudo -u eobuilder -E env HOME=/var/lib/eobuilder PATH=$PATH $VIRTUAL_ENV/bin/eobuilder-ctl -d wheezy,jessie {posargs:authentic2-auth-kerberos}"