source: main/waeup.sirp/trunk/src/waeup/sirp/students/tests/test_authentication.py @ 6688

Last change on this file since 6688 was 6680, checked in by uli, 13 years ago

Add support for assigning roles to student accounts and let password setter create unicode passwords.

File size: 5.6 KB
Line 
1##
2## test_authentication.py
3## Login : <uli@pu.smp.net>
4## Started on  Fri Sep  2 15:25:56 2011 Uli Fouquet
5## $Id$
6##
7## Copyright (C) 2011 Uli Fouquet
8## This program is free software; you can redistribute it and/or modify
9## it under the terms of the GNU General Public License as published by
10## the Free Software Foundation; either version 2 of the License, or
11## (at your option) any later version.
12##
13## This program is distributed in the hope that it will be useful,
14## but WITHOUT ANY WARRANTY; without even the implied warranty of
15## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16## GNU General Public License for more details.
17##
18## You should have received a copy of the GNU General Public License
19## along with this program; if not, write to the Free Software
20## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21##
22import unittest
23from zope.authentication.interfaces import IAuthentication
24from zope.component import provideUtility, queryUtility, getGlobalSiteManager
25from zope.interface.verify import verifyClass, verifyObject
26from zope.password.password import SSHAPasswordManager
27from zope.password.interfaces import IPasswordManager
28from zope.pluggableauth import PluggableAuthentication
29from zope.securitypolicy.role import Role
30from zope.securitypolicy.interfaces import IRole, Allow
31from waeup.sirp.authentication import get_principal_role_manager
32from waeup.sirp.interfaces import IAuthPluginUtility, IUserAccount
33from waeup.sirp.students.authentication import (
34    StudentsAuthenticatorSetup, StudentAccount)
35
36
37class StudentsAuthenticatorSetupTests(unittest.TestCase):
38
39    def test_iface(self):
40        obj = StudentsAuthenticatorSetup()
41        verifyClass(IAuthPluginUtility, StudentsAuthenticatorSetup)
42        verifyObject(IAuthPluginUtility, obj)
43        return
44
45    def test_register(self):
46        # Make sure registration works.
47        setup = StudentsAuthenticatorSetup()
48        pau = PluggableAuthentication()
49        setup.register(pau)
50        self.assertTrue('students' in pau.authenticatorPlugins)
51        return
52
53    def test_unregister(self):
54        # Make sure deregistration works.
55        setup = StudentsAuthenticatorSetup()
56        pau = PluggableAuthentication()
57        pau.authenticatorPlugins = ('students')
58        setup.unregister(pau)
59        self.assertTrue('students' not in pau.authenticatorPlugins)
60        return
61
62
63class FakeStudent(object):
64    student_id = 'test_stud'
65    name = 'Test User'
66    password = None
67
68
69class MinimalPAU(PluggableAuthentication):
70    def getPrincipal(self, id):
71        return 'faked principal'
72
73class StudentAccountTests(unittest.TestCase):
74
75    def setUp(self):
76        self.fake_stud = FakeStudent()
77        self.account = StudentAccount(self.fake_stud)
78
79        # We provide a minimal PAU
80        pau = MinimalPAU()
81        provideUtility(pau, IAuthentication)
82
83        # We register a role
84        test_role = Role('waeup.test.Role', 'Testing Role')
85        provideUtility(test_role, IRole, name='waeup.test.Role')
86
87        # We have to setup a password manager utility manually as we
88        # have no functional test. In functional tests this would
89        # happen automatically, but it would take a lot more time to
90        # run the tests.
91        provideUtility(
92            SSHAPasswordManager(), IPasswordManager, 'SSHA')
93        return
94
95    def tearDown(self):
96        self.account.roles = [] # make sure roles are reset
97        gsm = getGlobalSiteManager()
98        to_clean = []
99        # Clear up utilities registered in setUp
100        to_clean.append(
101            (IPasswordManager, queryUtility(
102                    IPasswordManager, name='SSHA', default=None)))
103        to_clean.append(
104            (IAuthentication, queryUtility(IAuthentication, default=None)))
105        to_clean.append(
106            (IRole, queryUtility(IRole, name='test.Role', default=None)))
107        for iface, elem in to_clean:
108            if elem is not None:
109                gsm.unregisterUtility(elem, iface)
110        return
111
112    def test_iface(self):
113        verifyClass(IUserAccount, StudentAccount)
114        verifyObject(IUserAccount, self.account)
115        return
116
117    def test_set_password(self):
118        # make sure we can set a password.
119        self.account.setPassword('secret')
120        self.assertTrue(self.fake_stud.password is not None)
121        # we do not store plaintext passwords
122        self.assertTrue(self.fake_stud.password != 'secret')
123        # passwords are stored as unicode
124        self.assertTrue(isinstance(self.fake_stud.password, unicode))
125        return
126
127    def test_check_password(self):
128        # make sure we can check a password.
129        self.account.setPassword('secret')
130        result1 = self.account.checkPassword(None)
131        result2 = self.account.checkPassword('nonsense')
132        result3 = self.account.checkPassword('secret')
133        self.assertEqual(result1, False)
134        self.assertEqual(result2, False)
135        self.assertEqual(result3, True)
136        return
137
138    def test_role_set(self):
139        # make sure we can set roles for principals denoted by account
140        prm = get_principal_role_manager()
141        self.assertEqual(prm.getPrincipalsAndRoles(), [])
142        self.account.roles = ['waeup.test.Role']
143        self.assertEqual(
144            prm.getPrincipalsAndRoles(),
145            [('waeup.test.Role', 'test_stud', Allow)])
146        return
147
148    def test_role_get(self):
149        # make sure we can get roles set for an account
150        self.assertEqual(self.account.roles, [])
151        self.account.roles = ['waeup.test.Role',] # set a role
152        self.assertEqual(self.account.roles, ['waeup.test.Role'])
153        return
Note: See TracBrowser for help on using the repository browser.