source: main/waeup.sirp/trunk/src/waeup/sirp/tests/test_authentication.py @ 7274

## $Id: test_authentication.py 7233 2011-11-28 21:04:57Z henrik $
##
## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
## GNU General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
##
import grok
import unittest
from zope.component.hooks import setSite, clearSite
from zope.interface.verify import verifyClass, verifyObject
from zope.pluggableauth.interfaces import IAuthenticatorPlugin
from zope.securitypolicy.interfaces import IPrincipalRoleManager
from waeup.sirp.testing import FunctionalTestCase, FunctionalLayer
from waeup.sirp.authentication import (
    UserAuthenticatorPlugin, Account, SIRPPrincipalInfo, get_principal_role_manager)

class FakeSite(grok.Site, grok.Container):
    pass

class UserAuthenticatorPluginTests(FunctionalTestCase):
    # Must be functional because of various utility lookups and the like

    layer = FunctionalLayer

    def setUp(self):
        super(UserAuthenticatorPluginTests, self).setUp()
        self.getRootFolder()['app'] = FakeSite()
        self.site = self.getRootFolder()['app']
        self.site['users'] = {'bob': Account('bob', 'secret')}
        setSite(self.site)
        return

    def tearDown(self):
        super(UserAuthenticatorPluginTests, self).tearDown()
        clearSite(self.site)
        return

    def test_ifaces(self):
        # make sure, interfaces requirements are met
        plugin = UserAuthenticatorPlugin()
        plugin.__parent__ = None # This attribute is required by iface
        self.assertTrue(
            verifyClass(IAuthenticatorPlugin, UserAuthenticatorPlugin))
        self.assertTrue(verifyObject(IAuthenticatorPlugin, plugin))
        return

    def test_authenticate_credentials(self):
        # make sure authentication works as expected
        plugin = UserAuthenticatorPlugin()
        result1 = plugin.authenticateCredentials(
            dict(login='bob', password='secret'))
        result2 = plugin.authenticateCredentials(
            dict(login='bob', password='nonsense'))
        self.assertTrue(isinstance(result1, SIRPPrincipalInfo))
        self.assertTrue(result2 is None)
        return

    def test_principal_info(self):
        # make sure we can get a principal info
        plugin = UserAuthenticatorPlugin()
        result1 = plugin.principalInfo('bob')
        result2 = plugin.principalInfo('manfred')
        self.assertTrue(isinstance(result1, SIRPPrincipalInfo))
        self.assertTrue(result2 is None)
        return

    def test_get_principal_role_manager(self):
        # make sure we get different role managers for different situations
        prm1 = get_principal_role_manager()
        clearSite(None)
        prm2 = get_principal_role_manager()
        self.assertTrue(IPrincipalRoleManager.providedBy(prm1))
        self.assertTrue(IPrincipalRoleManager.providedBy(prm2))
        self.assertTrue(prm1._context is self.site)
        self.assertTrue(hasattr(prm2, '_context') is False)
        return