source: main/waeup.kofa/trunk/src/waeup/kofa/mandates/tests.py @ 15479

Last change on this file since 15479 was 15287, checked in by Henrik Bettermann, 6 years ago

Stored insecure passwords are no longer accepted.
Officers with an insecure password can't login and are
redirected to the ChangePasswordRequestPage to request a
new password.

  • Property svn:keywords set to Id
File size: 10.7 KB
RevLine 
[8846]1## $Id: tests.py 15287 2019-01-09 21:17:08Z henrik $
2##
3## Copyright (C) 2012 Uli Fouquet & Henrik Bettermann
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8##
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13##
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17##
18"""
19Tests for mandates.
20"""
21import tempfile
22import shutil
[8860]23import os
[8848]24from zope.testbrowser.testing import Browser
[8846]25from datetime import datetime, timedelta
26from zope.interface.verify import verifyClass, verifyObject
27from zope.component import createObject
28from zope.component.hooks import setSite, clearSite
29from waeup.kofa.app import University
30from waeup.kofa.interfaces import IUserAccount
31from waeup.kofa.mandates.interfaces import (
32    IMandatesContainer, IMandate)
33from waeup.kofa.mandates.container import MandatesContainer
[13988]34from waeup.kofa.mandates.mandate import PasswordMandate, RefereeReportMandate
[8846]35from waeup.kofa.testing import (FunctionalLayer, FunctionalTestCase)
[15287]36from waeup.kofa.tests.test_authentication import SECRET
[8846]37
38class MandatesContainerTestCase(FunctionalTestCase):
39
40    layer = FunctionalLayer
41
42    def test_interfaces(self):
43        # Make sure the correct interfaces are implemented.
44        self.assertTrue(
45            verifyClass(
46                IMandatesContainer, MandatesContainer)
47            )
48        self.assertTrue(
49            verifyObject(
50                IMandatesContainer, MandatesContainer())
51            )
52        self.assertTrue(
53            verifyClass(
[8857]54                IMandate, PasswordMandate)
[8846]55            )
56        self.assertTrue(
57            verifyObject(
[8857]58                IMandate, PasswordMandate())
[8846]59            )
60        return
61
62    def setUp(self):
63        super(MandatesContainerTestCase, self).setUp()
64
65        # Setup a sample site for each test
66        app = University()
67        self.dc_root = tempfile.mkdtemp()
68        app['datacenter'].setStoragePath(self.dc_root)
69
70        # Prepopulate the ZODB...
71        self.getRootFolder()['app'] = app
72        # we add the site immediately after creation to the
73        # ZODB. Catalogs and other local utilities are not setup
74        # before that step.
75        self.app = self.getRootFolder()['app']
76        # Set site here. Some of the following setup code might need
77        # to access grok.getSite() and should get our new app then
78        setSite(app)
79
[8848]80        self.browser = Browser()
81        self.browser.handleErrors = False
82
[8846]83    def tearDown(self):
84        super(MandatesContainerTestCase, self).tearDown()
85        clearSite()
86        shutil.rmtree(self.dc_root)
87
[8857]88    def test_set_student_password(self):
[8846]89        student = createObject('waeup.Student')
90        # Add and execute a mandate with missing parameters.
[8857]91        mandate = PasswordMandate()
[13987]92        IUserAccount(student).setPassword('old_pw')
[8846]93        self.app['mandates'].addMandate(mandate)
[13986]94        (msg, redirect_path) = mandate.execute()
95        self.assertEqual(redirect_path, '')
[8846]96        self.assertEqual(msg, u'Wrong mandate parameters.')
97        # Add and execute an expired mandate.
[8857]98        mandate = PasswordMandate(days=0)
[13987]99        mandate.params['user'] = student
100        mandate.params['password'] = 'mypwd1'
[8846]101        self.app['mandates'].addMandate(mandate)
[13986]102        (msg, redirect_path) = mandate.execute()
[8846]103        self.assertEqual(msg, u'Mandate expired.')
[13986]104        self.assertEqual(redirect_path, '')
[13987]105        # Password has not been set
106        self.assertTrue(IUserAccount(student).checkPassword('old_pw'))
[8848]107        # Add and execute a perfect mandate
[8857]108        mandate = PasswordMandate()
[8858]109        mandate.params['user'] = student
[8846]110        mandate.params['password'] = 'mypwd1'
111        self.app['mandates'].addMandate(mandate)
[13986]112        (msg, redirect_path) = mandate.execute()
[8846]113        # Password has been set.
[13986]114        self.assertEqual(msg,
115            'Password has been successfully set. Login with your new password.')
[13990]116        self.assertEqual(redirect_path, '/login')
[8846]117        self.assertTrue(IUserAccount(student).checkPassword('mypwd1'))
118        # All mandates have been removed.
119        self.assertEqual(len(self.app['mandates'].keys()), 0)
[8860]120        logfile = os.path.join(
121            self.app['datacenter'].storage, 'logs', 'main.log')
122        logcontent = open(logfile).read()
123        self.assertTrue('system - PasswordMandate used: K1000000' in logcontent)
[8846]124
[8857]125    def test_set_officer_password(self):
[15287]126        self.app['users'].addUser('bob', SECRET)
[8857]127        officer = self.app['users']['bob']
128        mandate = PasswordMandate()
[8858]129        mandate.params['user'] = officer
[15287]130        mandate.params['password'] = SECRET
[8857]131        self.app['mandates'].addMandate(mandate)
[13986]132        (msg, redirect_path) = mandate.execute()
[8857]133        # Password has been set.
[13986]134        self.assertEqual(msg,
135            'Password has been successfully set. Login with your new password.')
[13990]136        self.assertEqual(redirect_path, '/login')
[15287]137        self.assertTrue(IUserAccount(officer).checkPassword(SECRET))
[8860]138        logfile = os.path.join(
139            self.app['datacenter'].storage, 'logs', 'main.log')
140        logcontent = open(logfile).read()
141        self.assertTrue('system - PasswordMandate used: bob' in logcontent)
[8857]142
[8859]143    def test_set_applicant_password(self):
144        applicant = createObject('waeup.Applicant')
[8860]145        applicant.applicant_id = u'abc'
[8859]146        mandate = PasswordMandate()
147        mandate.params['user'] = applicant
148        mandate.params['password'] = 'mypwd1'
149        self.app['mandates'].addMandate(mandate)
[13986]150        (msg, redirect_path) = mandate.execute()
[8859]151        # Password has been set.
[13986]152        self.assertEqual(msg,
153            'Password has been successfully set. Login with your new password.')
[13990]154        self.assertEqual(redirect_path, '/login')
[8859]155        self.assertTrue(IUserAccount(applicant).checkPassword('mypwd1'))
[8860]156        logfile = os.path.join(
157            self.app['datacenter'].storage, 'logs', 'main.log')
158        logcontent = open(logfile).read()
159        self.assertTrue('system - PasswordMandate used: abc' in logcontent)
[8859]160
[8846]161    def test_remove_expired(self):
162        # mandate1 is an old mandate which just expired.
[8857]163        mandate1 = PasswordMandate(days=0)
[8846]164        self.app['mandates'].addMandate(mandate1)
165        # mandate2 is a new mandate with default time delta.
[8857]166        mandate2 = PasswordMandate(mandate_id='23456')
[8846]167        self.app['mandates'].addMandate(mandate2)
168        self.assertEqual(len(self.app['mandates'].keys()), 2)
[13959]169        self.assertEqual(self.app['mandates'].count, (1, 1, 2))
[8910]170        num_deleted = self.app['mandates'].removeExpired()
171        self.assertEqual(num_deleted, 1)
[8846]172        # Only the new mandate remains in the container.
173        self.assertEqual(len(self.app['mandates'].keys()), 1)
174        self.assertEqual([i for i in self.app['mandates'].keys()], [u'23456'])
[13962]175        logfile = os.path.join(
176            self.app['datacenter'].storage, 'logs', 'main.log')
177        logcontent = open(logfile).read()
178        self.assertTrue('system - 1 mandates purged' in logcontent)
[8848]179
[13959]180    def test_purge_mandates(self):
181        # mandate1 is an old mandate which just expired.
182        mandate1 = PasswordMandate(days=0)
183        self.app['mandates'].addMandate(mandate1)
184        # mandate2 is a new mandate with default time delta.
185        mandate2 = PasswordMandate(mandate_id='23456')
186        self.app['mandates'].addMandate(mandate2)
187        self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
188        self.browser.open('http://localhost/app/configuration')
189        self.assertEqual(self.app['mandates'].count, (1, 1, 2))
190        self.assertTrue('<span>expired</span>' in self.browser.contents)
191        self.browser.getControl("Purge mandates").click()
192        self.assertTrue('1 mandate(s) were purged' in self.browser.contents)
193        self.assertEqual(self.app['mandates'].count, (1, 0, 1))
194
[13988]195    def test_browser_set_password(self):
[8848]196        student = createObject('waeup.Student')
197        self.app['students'].addStudent(student)
[8857]198        mandate = PasswordMandate()
[8858]199        mandate.params['user'] = student
[8848]200        mandate.params['password'] = 'mypwd1'
201        self.app['mandates'].addMandate(mandate)
202        self.browser.open('http://localhost/app/mandate?mandate_id=%s'
203            % mandate.mandate_id)
204        # Password has been set.
[11681]205        self.assertTrue('Password has been successfully set. Login with your new password.'
[8848]206            in self.browser.contents)
207        self.assertTrue(IUserAccount(student).checkPassword('mypwd1'))
208        # All mandates have been removed.
[8853]209        self.assertEqual(len(self.app['mandates'].keys()), 0)
[11680]210        # We redirect to login page not to the frontpage.
211        self.assertEqual(self.browser.url, 'http://localhost/app/login')
[13986]212        # Mandate has been deleted
213        self.browser.open('http://localhost/app/mandate?mandate_id=%s'
214            % mandate.mandate_id)
215        self.assertTrue('No mandate' in self.browser.contents)
[13990]216        self.assertEqual(self.browser.url, 'http://localhost/app')
[13986]217        # Mandate id is needed
218        self.browser.open('http://localhost/app/mandate')
219        self.assertTrue('Misuse' in self.browser.contents)
[13990]220        self.assertEqual(self.browser.url, 'http://localhost/app')
[13988]221
222    def test_refereereport_mandate(self):
223        mandate = RefereeReportMandate()
224        mandate.params['name'] = u'John Referee'
225        mandate.params['email'] = 'aa@aa.aa'
226        mandate.params['redirect_path'] = 'applicants/87689'
227        self.app['mandates'].addMandate(mandate)
228        (msg, redirect_path) = mandate.execute()
229        self.assertEqual(msg, None)
230        self.assertEqual(redirect_path, 'applicants/87689')
231        # Mandate has not been deleted
232        self.assertEqual(len(self.app['mandates'].keys()), 1)
233        mandate.params['redirect_path'] = None
234        (msg, redirect_path) = mandate.execute()
235        self.assertEqual(msg, 'Wrong mandate parameters.')
236        self.assertEqual(redirect_path, '')
237        # Add and execute an expired mandate
238        mandate2 = RefereeReportMandate(days=0)
239        mandate2.params['name'] = u'John Referee'
240        mandate2.params['email'] = 'aa@aa.aa'
241        mandate2.params['redirect_path'] = 'applicants/87689'
242        self.app['mandates'].addMandate(mandate2)
243        (msg, redirect_path) = mandate2.execute()
244        self.assertEqual(msg, 'Mandate expired.')
245        self.assertEqual(redirect_path, '')
246        # Both mandates still exist
247        self.assertEqual(len(self.app['mandates'].keys()), 2)
Note: See TracBrowser for help on using the repository browser.