Context navigation

source: main/waeup.sirp/trunk/src/waeup/sirp/applicants/tests/test_authentication.py @ 6484

Last change on this file since 6484 was 6470, checked in by Henrik Bettermann, 13 years ago
It should always be workflow state not status. My mistake.
File size: 13.0 KB

Line
1	##
2	## test_authentication.py
3	## Login : <uli@pu.smp.net>
4	## Started on Fri Aug 20 08:18:58 2010 Uli Fouquet
5	## $Id$
6	##
7	## Copyright (C) 2010 Uli Fouquet
8	## This program is free software; you can redistribute it and/or modify
9	## it under the terms of the GNU General Public License as published by
10	## the Free Software Foundation; either version 2 of the License, or
11	## (at your option) any later version.
12	##
13	## This program is distributed in the hope that it will be useful,
14	## but WITHOUT ANY WARRANTY; without even the implied warranty of
15	## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16	## GNU General Public License for more details.
17	##
18	## You should have received a copy of the GNU General Public License
19	## along with this program; if not, write to the Free Software
20	## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21	##
22	import grok
23	import shutil
24	import tempfile
25	import unittest
26	from zope.app.testing.functional import FunctionalTestCase
27	from zope.authentication.interfaces import IAuthentication
28	from zope.component import provideAdapter, getUtility
29	from zope.component.hooks import setSite, clearSite
30	from zope.interface import verify
31	from zope.pluggableauth.interfaces import IAuthenticatedPrincipalFactory
32	from zope.publisher.browser import TestRequest
33	from zope.publisher.interfaces import IRequest
34	from zope.session.interfaces import ISession
35	from zope.site import LocalSiteManager
36	from zope.testbrowser.testing import Browser
37	from zope.testing import cleanup
38	from waeup.sirp.testing import FunctionalLayer
39	from waeup.sirp.app import University
40	from waeup.sirp.applicants import ApplicantsContainer, Applicant
41	from waeup.sirp.applicants.authentication import (
42	ApplicantsAuthenticatorPlugin, WAeUPApplicantCredentialsPlugin,
43	ApplicantCredentials, AuthenticatedApplicantPrincipalFactory,
44	ApplicantPrincipalInfo, ApplicantPrincipal,)
45
46
47	class FakeBatch(dict):
48	def getAccessCode(self, id):
49	return self.get(id)
50
51	class FakeAccessCode(object):
52	def __init__(self, repr, state = 'initialized'):
53	self.representation = repr
54	self.state = state
55
56	class FakeApplication(object):
57	def __init__(self, ac=None):
58	self.access_code = ac
59
60	def FakeSite():
61	return {
62	'applicants': {
63	'APP': {
64	'APP-12345': FakeApplication(u'APP-12345'),
65	'APP-54321': FakeApplication(u'APP-54321'),
66	'APP-22222': FakeApplication(u'APP-OTHER'),
67	'APP-44444': FakeApplication(),
68	'APP-55555': FakeApplication(u'APP-OTHER'),
69	'APP-77777': FakeApplication(u'APP-77777'),
70	},
71	},
72	'accesscodes': {
73	'APP': FakeBatch({
74	'APP-12345': FakeAccessCode('APP-12345'),
75	'APP-54321': FakeAccessCode('APP-54321', 'used'),
76	'APP-11111': FakeAccessCode('APP-11111'),
77	'APP-22222': FakeAccessCode('APP-22222'),
78	'APP-33333': FakeAccessCode('APP-33333', 'used'),
79	'APP-44444': FakeAccessCode('APP-44444', 'used'),
80	'APP-55555': FakeAccessCode('APP-55555', 'used'),
81	'APP-66666': FakeAccessCode('APP-66666', 'disabled'),
82	'APP-77777': FakeAccessCode('APP-77777', 'disabled'),
83	})
84	}
85	}
86
87	class AuthenticatorPluginTest(FunctionalTestCase):
88
89	layer = FunctionalLayer
90
91	def create_applicant(self, cname, aname, ac=None):
92	# Create an applicant in an applicants container
93	setSite(self.app)
94	if not cname in self.app['applicants'].keys():
95	container = ApplicantsContainer()
96	self.app['applicants'][cname] = container
97	applicant = Applicant()
98	if ac is not None:
99	applicant.access_code = ac
100	self.app['applicants'][cname][aname] = applicant
101	return
102
103	def setUp(self):
104	super(AuthenticatorPluginTest, self).setUp()
105
106	# Setup a sample site for each test
107	app = University()
108	self.dc_root = tempfile.mkdtemp()
109	app['datacenter'].setStoragePath(self.dc_root)
110
111	# Prepopulate the ZODB...
112	self.getRootFolder()['app'] = app
113	self.app = self.getRootFolder()['app']
114
115	fake_site = FakeSite()
116	for ckey, fake_container in fake_site['applicants'].items():
117	for akey, fake_appl in fake_container.items():
118	self.create_applicant(ckey, akey, fake_appl.access_code)
119	del self.app['accesscodes']
120	self.app['accesscodes'] = fake_site['accesscodes']
121
122	self.plugin = ApplicantsAuthenticatorPlugin()
123	return
124
125	def tearDown(self):
126	super(AuthenticatorPluginTest, self).tearDown()
127	shutil.rmtree(self.dc_root)
128	return
129
130	def test_invalid_credentials(self):
131	result = self.plugin.authenticateCredentials('not-a-dict')
132	assert result is None
133
134	result = self.plugin.authenticateCredentials(
135	dict(accesscode=None, foo='blah'))
136	assert result is None
137
138	result = self.plugin.authenticateCredentials(
139	dict(accesscode='Nonsense',))
140	assert result is None
141
142	# Possible cases, where formal correct authentication
143	# data is not valid:
144	result = self.plugin.authenticateCredentials(
145	dict(accesscode='APP-33333'))
146	assert result is None
147
148	result = self.plugin.authenticateCredentials(
149	dict(accesscode='APP-55555'))
150	assert result is None
151
152	result = self.plugin.authenticateCredentials(
153	dict(accesscode='APP-66666'))
154	assert result is None
155
156	result = self.plugin.authenticateCredentials(
157	dict(accesscode='APP-77777'))
158	assert result is None
159
160	return
161
162	def test_valid_credentials(self):
163	"""The six different cases where we allow login.
164
165	All other combinations should be forbidden.
166	"""
167	result = self.plugin.authenticateCredentials(
168	dict(accesscode='APP-11111'))
169	assert result is not None
170
171	result = self.plugin.authenticateCredentials(
172	dict(accesscode='APP-12345'))
173	assert result is not None
174
175	result = self.plugin.authenticateCredentials(
176	dict(accesscode='APP-54321'))
177	assert result is not None
178
179	# check the `principalInfo` method of authenticator
180	# plugin. This is only here to satisfy the coverage report.
181	assert self.plugin.principalInfo('not-an-id') is None
182	return
183
184	session_data = {
185	'zope.pluggableauth.browserplugins': {}
186	}
187
188	class FakeSession(dict):
189	def __init__(self, request):
190	pass
191
192	def get(self, key, default=None):
193	return self.__getitem__(key, default)
194
195	def __getitem__(self, key, default=None):
196	return session_data.get(key, default)
197
198	def __setitem__(self, key, value):
199	session_data[key] = value
200	return
201
202	class CredentialsPluginTest(unittest.TestCase):
203
204	def setUp(self):
205	self.request = TestRequest()
206	provideAdapter(FakeSession, (IRequest,), ISession)
207	self.plugin = WAeUPApplicantCredentialsPlugin()
208	self.full_request = TestRequest()
209	session_data['zope.pluggableauth.browserplugins'] = {}
210	return
211
212	def tearDown(self):
213	cleanup.tearDown()
214	return
215
216	def filled_request(self, form_dict):
217	request = TestRequest()
218	for key, value in form_dict.items():
219	request.form[key] = value
220	return request
221
222	def test_extractCredentials_invalid(self):
223	result = self.plugin.extractCredentials('not-a-request')
224	assert result is None
225	return
226
227	def test_extractCredentials_empty(self):
228	result = self.plugin.extractCredentials(self.request)
229	assert result is None
230	return
231
232	def test_extractCredentials_full_set(self):
233	request = self.filled_request({
234	'form.ac_prefix': 'APP',
235	'form.ac_series': '1',
236	'form.ac_number': '1234567890',
237	#'form.jamb_reg_no': 'JAMB_NUMBER',
238	})
239	result = self.plugin.extractCredentials(request)
240	self.assertEqual(result, {'accesscode': 'APP-1-1234567890'})
241	return
242
243	def test_extractCredentials_accesscode_only(self):
244	request = self.filled_request({
245	'form.ac_prefix': 'APP',
246	'form.ac_series': '1',
247	'form.ac_number': '1234567890',
248	})
249	result = self.plugin.extractCredentials(request)
250	self.assertEqual(result, {'accesscode': 'APP-1-1234567890'})
251	return
252
253	def test_extractCredentials_from_empty_session(self):
254	session_data['zope.pluggableauth.browserplugins']['credentials'] = None
255	result = self.plugin.extractCredentials(self.request)
256	assert result is None
257	return
258
259	def test_extractCredentials_from_nonempty_session(self):
260	credentials = ApplicantCredentials('APP-1-12345')
261	session_data['zope.pluggableauth.browserplugins'][
262	'credentials'] = credentials
263	result = self.plugin.extractCredentials(self.request)
264	self.assertEqual(result, {'accesscode': 'APP-1-12345'})
265	return
266
267
268	class ApplicantCredentialsTest(unittest.TestCase):
269
270	def setUp(self):
271	self.credentials = ApplicantCredentials('SOME_ACCESSCODE')
272	return
273
274	def tearDown(self):
275	return
276
277	def test_methods(self):
278	self.assertEqual(self.credentials.getAccessCode(), 'SOME_ACCESSCODE')
279	assert self.credentials.getLogin() is None
280	assert self.credentials.getPassword() is None
281	return
282
283	class FakePluggableAuth(object):
284	prefix = 'foo'
285
286	class PrincipalFactoryTest(unittest.TestCase):
287
288	def setUp(self):
289	self.info = ApplicantPrincipalInfo('APP-1-1234567890')
290	return
291
292	def tearDown(self):
293	pass
294
295	def test_principalFactory_interface(self):
296	verify.verifyClass(IAuthenticatedPrincipalFactory,
297	AuthenticatedApplicantPrincipalFactory
298	)
299	return
300
301	def test_principalFactory_create(self):
302	factory = AuthenticatedApplicantPrincipalFactory(self.info, None)
303
304	assert factory.info is self.info
305	assert factory.request is None
306	return
307
308	def test_principalFactory_call_w_prefix(self):
309	factory = AuthenticatedApplicantPrincipalFactory(self.info, None)
310	principal = factory(FakePluggableAuth())
311
312	assert isinstance(principal, ApplicantPrincipal)
313	self.assertEqual(principal.__repr__(),
314	"ApplicantPrincipal('foo.APP-1-1234567890')")
315	self.assertEqual(principal.id, 'foo.APP-1-1234567890')
316	return
317
318	def test_principalFactory_call_wo_prefix(self):
319	factory = AuthenticatedApplicantPrincipalFactory(self.info, None)
320	fake_auth = FakePluggableAuth()
321	fake_auth.prefix = None
322	principal = factory(fake_auth)
323	self.assertEqual(principal.id, 'APP-1-1234567890')
324	return
325
326	class PAUSetupTest(FunctionalTestCase):
327	# Check correct setup of authentication components in the
328	# applicants subpackage.
329
330	# When a university is created, we want by default have our local
331	# authentication components (an authenticator plugin and a
332	# credentials plugin) to be registered with the local PAU. Admins
333	# can remove these components on the fly later-on if they wish.
334
335	layer = FunctionalLayer
336
337	def setUp(self):
338	super(PAUSetupTest, self).setUp()
339
340	# Setup a sample site for each test
341	app = University()
342	self.dc_root = tempfile.mkdtemp()
343	app['datacenter'].setStoragePath(self.dc_root)
344
345	# Prepopulate the ZODB...
346	self.getRootFolder()['app'] = app
347	self.app = self.getRootFolder()['app']
348	self.browser = Browser()
349	self.browser.handleErrors = False
350
351	def tearDown(self):
352	super(PAUSetupTest, self).tearDown()
353	shutil.rmtree(self.dc_root)
354
355	def test_extra_auth_plugins_installed(self):
356	# Check whether the auth plugins defined in here are setup
357	# automatically when a university is created
358
359	# Get the PAU responsible for the local site ('app')
360	pau = getUtility(IAuthentication, context=self.app)
361	cred_plugins = pau.getCredentialsPlugins()
362	auth_plugins = pau.getAuthenticatorPlugins()
363	cred_names = [name for name, plugin in cred_plugins]
364	auth_names = [name for name, plugin in auth_plugins]
365
366	# Make sure our local ApplicantsAuthenticatorPlugin is registered...
367	self.assertTrue('applicants' in auth_names)
368	# Make sure our local WAeUPApplicantCredentialsPlugin is registered...
369	self.assertTrue('applicant_credentials' in cred_names)
370	return
371
372	def test_suite():
373	suite = unittest.TestSuite()
374	for testcase in [
375	AuthenticatorPluginTest, CredentialsPluginTest,
376	ApplicantCredentialsTest, PrincipalFactoryTest,
377	PAUSetupTest,
378	]:
379	suite.addTest(unittest.TestLoader().loadTestsFromTestCase(
380	testcase
381	)
382	)
383	return suite

Note: See TracBrowser for help on using the repository browser.

Download in other formats: