source: main/waeup.kofa/trunk/src/waeup/kofa/mandates/tests.py @ 15546

Last change on this file since 15546 was 15287, checked in by Henrik Bettermann, 6 years ago

Stored insecure passwords are no longer accepted.
Officers with an insecure password can't login and are
redirected to the ChangePasswordRequestPage to request a
new password.

  • Property svn:keywords set to Id
File size: 10.7 KB
Line 
1## $Id: tests.py 15287 2019-01-09 21:17:08Z henrik $
2##
3## Copyright (C) 2012 Uli Fouquet & Henrik Bettermann
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8##
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13##
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17##
18"""
19Tests for mandates.
20"""
21import tempfile
22import shutil
23import os
24from zope.testbrowser.testing import Browser
25from datetime import datetime, timedelta
26from zope.interface.verify import verifyClass, verifyObject
27from zope.component import createObject
28from zope.component.hooks import setSite, clearSite
29from waeup.kofa.app import University
30from waeup.kofa.interfaces import IUserAccount
31from waeup.kofa.mandates.interfaces import (
32    IMandatesContainer, IMandate)
33from waeup.kofa.mandates.container import MandatesContainer
34from waeup.kofa.mandates.mandate import PasswordMandate, RefereeReportMandate
35from waeup.kofa.testing import (FunctionalLayer, FunctionalTestCase)
36from waeup.kofa.tests.test_authentication import SECRET
37
38class MandatesContainerTestCase(FunctionalTestCase):
39
40    layer = FunctionalLayer
41
42    def test_interfaces(self):
43        # Make sure the correct interfaces are implemented.
44        self.assertTrue(
45            verifyClass(
46                IMandatesContainer, MandatesContainer)
47            )
48        self.assertTrue(
49            verifyObject(
50                IMandatesContainer, MandatesContainer())
51            )
52        self.assertTrue(
53            verifyClass(
54                IMandate, PasswordMandate)
55            )
56        self.assertTrue(
57            verifyObject(
58                IMandate, PasswordMandate())
59            )
60        return
61
62    def setUp(self):
63        super(MandatesContainerTestCase, self).setUp()
64
65        # Setup a sample site for each test
66        app = University()
67        self.dc_root = tempfile.mkdtemp()
68        app['datacenter'].setStoragePath(self.dc_root)
69
70        # Prepopulate the ZODB...
71        self.getRootFolder()['app'] = app
72        # we add the site immediately after creation to the
73        # ZODB. Catalogs and other local utilities are not setup
74        # before that step.
75        self.app = self.getRootFolder()['app']
76        # Set site here. Some of the following setup code might need
77        # to access grok.getSite() and should get our new app then
78        setSite(app)
79
80        self.browser = Browser()
81        self.browser.handleErrors = False
82
83    def tearDown(self):
84        super(MandatesContainerTestCase, self).tearDown()
85        clearSite()
86        shutil.rmtree(self.dc_root)
87
88    def test_set_student_password(self):
89        student = createObject('waeup.Student')
90        # Add and execute a mandate with missing parameters.
91        mandate = PasswordMandate()
92        IUserAccount(student).setPassword('old_pw')
93        self.app['mandates'].addMandate(mandate)
94        (msg, redirect_path) = mandate.execute()
95        self.assertEqual(redirect_path, '')
96        self.assertEqual(msg, u'Wrong mandate parameters.')
97        # Add and execute an expired mandate.
98        mandate = PasswordMandate(days=0)
99        mandate.params['user'] = student
100        mandate.params['password'] = 'mypwd1'
101        self.app['mandates'].addMandate(mandate)
102        (msg, redirect_path) = mandate.execute()
103        self.assertEqual(msg, u'Mandate expired.')
104        self.assertEqual(redirect_path, '')
105        # Password has not been set
106        self.assertTrue(IUserAccount(student).checkPassword('old_pw'))
107        # Add and execute a perfect mandate
108        mandate = PasswordMandate()
109        mandate.params['user'] = student
110        mandate.params['password'] = 'mypwd1'
111        self.app['mandates'].addMandate(mandate)
112        (msg, redirect_path) = mandate.execute()
113        # Password has been set.
114        self.assertEqual(msg,
115            'Password has been successfully set. Login with your new password.')
116        self.assertEqual(redirect_path, '/login')
117        self.assertTrue(IUserAccount(student).checkPassword('mypwd1'))
118        # All mandates have been removed.
119        self.assertEqual(len(self.app['mandates'].keys()), 0)
120        logfile = os.path.join(
121            self.app['datacenter'].storage, 'logs', 'main.log')
122        logcontent = open(logfile).read()
123        self.assertTrue('system - PasswordMandate used: K1000000' in logcontent)
124
125    def test_set_officer_password(self):
126        self.app['users'].addUser('bob', SECRET)
127        officer = self.app['users']['bob']
128        mandate = PasswordMandate()
129        mandate.params['user'] = officer
130        mandate.params['password'] = SECRET
131        self.app['mandates'].addMandate(mandate)
132        (msg, redirect_path) = mandate.execute()
133        # Password has been set.
134        self.assertEqual(msg,
135            'Password has been successfully set. Login with your new password.')
136        self.assertEqual(redirect_path, '/login')
137        self.assertTrue(IUserAccount(officer).checkPassword(SECRET))
138        logfile = os.path.join(
139            self.app['datacenter'].storage, 'logs', 'main.log')
140        logcontent = open(logfile).read()
141        self.assertTrue('system - PasswordMandate used: bob' in logcontent)
142
143    def test_set_applicant_password(self):
144        applicant = createObject('waeup.Applicant')
145        applicant.applicant_id = u'abc'
146        mandate = PasswordMandate()
147        mandate.params['user'] = applicant
148        mandate.params['password'] = 'mypwd1'
149        self.app['mandates'].addMandate(mandate)
150        (msg, redirect_path) = mandate.execute()
151        # Password has been set.
152        self.assertEqual(msg,
153            'Password has been successfully set. Login with your new password.')
154        self.assertEqual(redirect_path, '/login')
155        self.assertTrue(IUserAccount(applicant).checkPassword('mypwd1'))
156        logfile = os.path.join(
157            self.app['datacenter'].storage, 'logs', 'main.log')
158        logcontent = open(logfile).read()
159        self.assertTrue('system - PasswordMandate used: abc' in logcontent)
160
161    def test_remove_expired(self):
162        # mandate1 is an old mandate which just expired.
163        mandate1 = PasswordMandate(days=0)
164        self.app['mandates'].addMandate(mandate1)
165        # mandate2 is a new mandate with default time delta.
166        mandate2 = PasswordMandate(mandate_id='23456')
167        self.app['mandates'].addMandate(mandate2)
168        self.assertEqual(len(self.app['mandates'].keys()), 2)
169        self.assertEqual(self.app['mandates'].count, (1, 1, 2))
170        num_deleted = self.app['mandates'].removeExpired()
171        self.assertEqual(num_deleted, 1)
172        # Only the new mandate remains in the container.
173        self.assertEqual(len(self.app['mandates'].keys()), 1)
174        self.assertEqual([i for i in self.app['mandates'].keys()], [u'23456'])
175        logfile = os.path.join(
176            self.app['datacenter'].storage, 'logs', 'main.log')
177        logcontent = open(logfile).read()
178        self.assertTrue('system - 1 mandates purged' in logcontent)
179
180    def test_purge_mandates(self):
181        # mandate1 is an old mandate which just expired.
182        mandate1 = PasswordMandate(days=0)
183        self.app['mandates'].addMandate(mandate1)
184        # mandate2 is a new mandate with default time delta.
185        mandate2 = PasswordMandate(mandate_id='23456')
186        self.app['mandates'].addMandate(mandate2)
187        self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')
188        self.browser.open('http://localhost/app/configuration')
189        self.assertEqual(self.app['mandates'].count, (1, 1, 2))
190        self.assertTrue('<span>expired</span>' in self.browser.contents)
191        self.browser.getControl("Purge mandates").click()
192        self.assertTrue('1 mandate(s) were purged' in self.browser.contents)
193        self.assertEqual(self.app['mandates'].count, (1, 0, 1))
194
195    def test_browser_set_password(self):
196        student = createObject('waeup.Student')
197        self.app['students'].addStudent(student)
198        mandate = PasswordMandate()
199        mandate.params['user'] = student
200        mandate.params['password'] = 'mypwd1'
201        self.app['mandates'].addMandate(mandate)
202        self.browser.open('http://localhost/app/mandate?mandate_id=%s'
203            % mandate.mandate_id)
204        # Password has been set.
205        self.assertTrue('Password has been successfully set. Login with your new password.'
206            in self.browser.contents)
207        self.assertTrue(IUserAccount(student).checkPassword('mypwd1'))
208        # All mandates have been removed.
209        self.assertEqual(len(self.app['mandates'].keys()), 0)
210        # We redirect to login page not to the frontpage.
211        self.assertEqual(self.browser.url, 'http://localhost/app/login')
212        # Mandate has been deleted
213        self.browser.open('http://localhost/app/mandate?mandate_id=%s'
214            % mandate.mandate_id)
215        self.assertTrue('No mandate' in self.browser.contents)
216        self.assertEqual(self.browser.url, 'http://localhost/app')
217        # Mandate id is needed
218        self.browser.open('http://localhost/app/mandate')
219        self.assertTrue('Misuse' in self.browser.contents)
220        self.assertEqual(self.browser.url, 'http://localhost/app')
221
222    def test_refereereport_mandate(self):
223        mandate = RefereeReportMandate()
224        mandate.params['name'] = u'John Referee'
225        mandate.params['email'] = 'aa@aa.aa'
226        mandate.params['redirect_path'] = 'applicants/87689'
227        self.app['mandates'].addMandate(mandate)
228        (msg, redirect_path) = mandate.execute()
229        self.assertEqual(msg, None)
230        self.assertEqual(redirect_path, 'applicants/87689')
231        # Mandate has not been deleted
232        self.assertEqual(len(self.app['mandates'].keys()), 1)
233        mandate.params['redirect_path'] = None
234        (msg, redirect_path) = mandate.execute()
235        self.assertEqual(msg, 'Wrong mandate parameters.')
236        self.assertEqual(redirect_path, '')
237        # Add and execute an expired mandate
238        mandate2 = RefereeReportMandate(days=0)
239        mandate2.params['name'] = u'John Referee'
240        mandate2.params['email'] = 'aa@aa.aa'
241        mandate2.params['redirect_path'] = 'applicants/87689'
242        self.app['mandates'].addMandate(mandate2)
243        (msg, redirect_path) = mandate2.execute()
244        self.assertEqual(msg, 'Mandate expired.')
245        self.assertEqual(redirect_path, '')
246        # Both mandates still exist
247        self.assertEqual(len(self.app['mandates'].keys()), 2)
Note: See TracBrowser for help on using the repository browser.