source: main/waeup.sirp/trunk/src/waeup/sirp/students/tests/test_authentication.py @ 6859

Last change on this file since 6859 was 6818, checked in by Henrik Bettermann, 13 years ago

Replace student's name attribute by fullname attributes to avoid confusion.
File size: 6.2 KB
Line 
1##
2## test_authentication.py
3## Login : <uli@pu.smp.net>
4## Started on  Fri Sep  2 15:25:56 2011 Uli Fouquet
5## $Id$
6##
7## Copyright (C) 2011 Uli Fouquet
8## This program is free software; you can redistribute it and/or modify
9## it under the terms of the GNU General Public License as published by
10## the Free Software Foundation; either version 2 of the License, or
11## (at your option) any later version.
12##
13## This program is distributed in the hope that it will be useful,
14## but WITHOUT ANY WARRANTY; without even the implied warranty of
15## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16## GNU General Public License for more details.
17##
18## You should have received a copy of the GNU General Public License
19## along with this program; if not, write to the Free Software
20## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21##
22import unittest
23from zope.authentication.interfaces import IAuthentication
24from zope.component import provideUtility, queryUtility, getGlobalSiteManager
25from zope.interface.verify import verifyClass, verifyObject
26from zope.password.password import SSHAPasswordManager
27from zope.password.interfaces import IPasswordManager
28from zope.pluggableauth import PluggableAuthentication
29from zope.security.interfaces import Unauthorized
30from zope.securitypolicy.role import Role
31from zope.securitypolicy.interfaces import IRole, Allow
32from waeup.sirp.authentication import get_principal_role_manager
33from waeup.sirp.interfaces import IAuthPluginUtility, IUserAccount
34from waeup.sirp.students.authentication import (
35    StudentsAuthenticatorSetup, StudentAccount)
36from waeup.sirp.students.tests.test_browser import StudentsFullSetup
37from waeup.sirp.testing import FunctionalLayer
38
39class StudentsAuthenticatorSetupTests(unittest.TestCase):
40
41    def test_iface(self):
42        obj = StudentsAuthenticatorSetup()
43        verifyClass(IAuthPluginUtility, StudentsAuthenticatorSetup)
44        verifyObject(IAuthPluginUtility, obj)
45        return
46
47    def test_register(self):
48        # Make sure registration works.
49        setup = StudentsAuthenticatorSetup()
50        pau = PluggableAuthentication()
51        setup.register(pau)
52        self.assertTrue('students' in pau.authenticatorPlugins)
53        return
54
55    def test_unregister(self):
56        # Make sure deregistration works.
57        setup = StudentsAuthenticatorSetup()
58        pau = PluggableAuthentication()
59        pau.authenticatorPlugins = ('students')
60        setup.unregister(pau)
61        self.assertTrue('students' not in pau.authenticatorPlugins)
62        return
63
64
65class FakeStudent(object):
66    student_id = 'test_stud'
67    fullname = 'Test User'
68    password = None
69
70
71class MinimalPAU(PluggableAuthentication):
72    def getPrincipal(self, id):
73        return 'faked principal'
74
75class StudentAccountTests(unittest.TestCase):
76
77    def setUp(self):
78        self.fake_stud = FakeStudent()
79        self.account = StudentAccount(self.fake_stud)
80
81        # We provide a minimal PAU
82        pau = MinimalPAU()
83        provideUtility(pau, IAuthentication)
84
85        # We register a role
86        test_role = Role('waeup.test.Role', 'Testing Role')
87        provideUtility(test_role, IRole, name='waeup.test.Role')
88
89        # We have to setup a password manager utility manually as we
90        # have no functional test. In functional tests this would
91        # happen automatically, but it would take a lot more time to
92        # run the tests.
93        provideUtility(
94            SSHAPasswordManager(), IPasswordManager, 'SSHA')
95        return
96
97    def tearDown(self):
98        self.account.roles = [] # make sure roles are reset
99        gsm = getGlobalSiteManager()
100        to_clean = []
101        # Clear up utilities registered in setUp
102        to_clean.append(
103            (IPasswordManager, queryUtility(
104                    IPasswordManager, name='SSHA', default=None)))
105        to_clean.append(
106            (IAuthentication, queryUtility(IAuthentication, default=None)))
107        to_clean.append(
108            (IRole, queryUtility(IRole, name='test.Role', default=None)))
109        for iface, elem in to_clean:
110            if elem is not None:
111                gsm.unregisterUtility(elem, iface)
112        return
113
114    def test_iface(self):
115        verifyClass(IUserAccount, StudentAccount)
116        verifyObject(IUserAccount, self.account)
117        return
118
119    def test_set_password(self):
120        # make sure we can set a password.
121        self.account.setPassword('secret')
122        self.assertTrue(self.fake_stud.password is not None)
123        # we do not store plaintext passwords
124        self.assertTrue(self.fake_stud.password != 'secret')
125        # passwords are stored as unicode
126        self.assertTrue(isinstance(self.fake_stud.password, unicode))
127        return
128
129    def test_check_password(self):
130        # make sure we can check a password.
131        self.account.setPassword('secret')
132        result1 = self.account.checkPassword(None)
133        result2 = self.account.checkPassword('nonsense')
134        result3 = self.account.checkPassword('secret')
135        self.assertEqual(result1, False)
136        self.assertEqual(result2, False)
137        self.assertEqual(result3, True)
138        return
139
140    def test_role_set(self):
141        # make sure we can set roles for principals denoted by account
142        prm = get_principal_role_manager()
143        self.assertEqual(prm.getPrincipalsAndRoles(), [])
144        self.account.roles = ['waeup.test.Role']
145        self.assertEqual(
146            prm.getPrincipalsAndRoles(),
147            [('waeup.test.Role', 'test_stud', Allow)])
148        return
149
150    def test_role_get(self):
151        # make sure we can get roles set for an account
152        self.assertEqual(self.account.roles, [])
153        self.account.roles = ['waeup.test.Role',] # set a role
154        self.assertEqual(self.account.roles, ['waeup.test.Role'])
155        return
156
157
158
159class FunctionalStudentAuthTests(StudentsFullSetup):
160
161    layer = FunctionalLayer
162
163    def setUp(self):
164        super(FunctionalStudentAuthTests, self).setUp()
165        return
166
167    def tearDown(self):
168        super(FunctionalStudentAuthTests, self).tearDown()
169        return
170
171    def test_reset_protected_anonymous(self):
172        # anonymous users cannot reset others passwords
173        self.assertRaises(
174            Unauthorized,
175            self.browser.open, self.student_path + '/bedit')
176        return
Note: See TracBrowser for help on using the repository browser.