Timestamp:
14 Oct 2012, 21:02:31 (12 years ago)
Author:
Henrik Bettermann
Message:

Dedicated officers should be able to login as student with a temporary password set by the system. This is the first part of its implementation.

Location:
main/waeup.kofa/trunk/src/waeup/kofa/students/tests
Files:
2 edited

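--- a/main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_authentication.py
+++ b/main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_authentication.py
@@ -17,4 +17,5 @@
 ##
 import unittest
+from datetime import datetime, timedelta
 from zope.authentication.interfaces import IAuthentication
 from zope.component import provideUtility, queryUtility, getGlobalSiteManager
@@ -66,4 +67,25 @@
     phone = None
     suspended = False
+    temp_password_minutes = 10
+
+    def setTempPassword(self, user, password):
+        passwordmanager = queryUtility(IPasswordManager, 'SSHA')
+        self.temp_password = {}
+        self.temp_password[
+            'password'] = passwordmanager.encodePassword(password)
+        self.temp_password['user'] = user
+        self.temp_password['timestamp'] = datetime.utcnow()
+
+    def getTempPassword(self):
+        temp_password_dict = getattr(self, 'temp_password', None)
+        if temp_password_dict is not None:
+            delta = timedelta(minutes=self.temp_password_minutes)
+            now = datetime.utcnow()
+            if now < temp_password_dict.get('timestamp') + delta:
+                return temp_password_dict.get('password')
+            else:
+                # Unset temporary password if expired
+                self.temp_password = None
+        return None
 
 
@@ -138,4 +160,27 @@
         return
 
+    def test_check_temp_password(self):
+        # make sure that, if a temp password is set,
+        # this password is used for authentication
+        self.account.setPassword('secret')
+        self.fake_stud.setTempPassword(user='beate', password='temp_secret')
+        result1 = self.account.checkPassword('secret')
+        result2 = self.account.checkPassword(None)
+        result3 = self.account.checkPassword('nonsense')
+        result4 = self.account.checkPassword('temp_secret')
+        self.assertEqual(result1, False)
+        self.assertEqual(result2, False)
+        self.assertEqual(result3, False)
+        self.assertEqual(result4, True)
+        # if the temp password is expired, the original password
+        # is used again
+        delta = timedelta(minutes=11)
+        self.fake_stud.temp_password['timestamp'] = datetime.utcnow() - delta
+        result5 = self.account.checkPassword('temp_secret')
+        result6 = self.account.checkPassword('secret')
+        self.assertEqual(result5, False)
+        self.assertEqual(result6, True)
+        return
+
     def test_check_unset_password(self):
         # empty and unset passwords do not match anything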
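Review bot: test_check_temp_password never asserts that an expired temporary credential is discarded, or that the officer who set it is recorded, although the fake's getTempPassword resets `temp_password` on expiry and setTempPassword stores `user`. After the expiry checks (new lines 179-182) add `self.assertEqual(self.fake_stud.getTempPassword(), None)`, and after the setTempPassword call on new line 166 add `self.assertEqual(self.fake_stud.temp_password['user'], 'beate')`, since that field is the only attribution of the officer login visible here. The expiry logic exercised by this test lives in the fake student itself, whose class header is outside the hunk, so these assertions pin the contract the real student object is presumably meant to mirror rather than the production code.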
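--- a/main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_browser.py
+++ b/main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_browser.py
@@ -1183,5 +1183,5 @@
         return
 
-    def test_student_access(self):
+    def test_student_login(self):
         # Student cant login if their password is not set
         self.student.password = None
@@ -1195,5 +1195,4 @@
         IUserAccount(
             self.app['students'][self.student_id]).setPassword('spwd')
-        IWorkflowInfo(self.student).fireTransition('admit')
         # Students can't login if their account is suspended/deactivated
         self.student.suspended = True
@@ -1202,10 +1201,54 @@
         self.browser.getControl(name="form.password").value = 'spwd'
         self.browser.getControl("Login").click()
-        self.assertTrue(
-            'Your account has been deactivated.' in self.browser.contents)
+        self.assertMatches(
+            '...Your account has been deactivated...', self.browser.contents)
         self.student.suspended = False
+        # Students can't login if a temporary password has been set and
+        # is not expired
+        self.app['students'][self.student_id].setTempPassword(
+            'anybody', 'temp_spwd')
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = self.student_id
+        self.browser.getControl(name="form.password").value = 'spwd'
         self.browser.getControl("Login").click()
-        self.assertTrue(
-            'You logged in.' in self.browser.contents)
+        self.assertMatches(
+            '...Your account has been temporarily deactivated...',
+            self.browser.contents)
+        # The student can login with the temporary password
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = self.student_id
+        self.browser.getControl(name="form.password").value = 'temp_spwd'
+        self.browser.getControl("Login").click()
+        self.assertMatches(
+            '...You logged in...', self.browser.contents)
+        # Student can view the base data
+        self.browser.open(self.student_path)
+        self.assertEqual(self.browser.headers['Status'], '200 Ok')
+        self.assertEqual(self.browser.url, self.student_path)
+        # When the password expires ...
+        delta = timedelta(minutes=11)
+        self.app['students'][self.student_id].temp_password[
+            'timestamp'] = datetime.utcnow() - delta
+        self.app['students'][self.student_id]._p_changed = True
+        # ... the student will be automatically logged out
+        self.assertRaises(
+            Unauthorized, self.browser.open, self.student_path)
+        # Then the student can login with the original password
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = self.student_id
+        self.browser.getControl(name="form.password").value = 'spwd'
+        self.browser.getControl("Login").click()
+        self.assertMatches(
+            '...You logged in...', self.browser.contents)
+
+    def test_student_access(self):
+        # Student cant login if their password is not set
+        IWorkflowInfo(self.student).fireTransition('admit')
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = self.student_id
+        self.browser.getControl(name="form.password").value = 'spwd'
+        self.browser.getControl("Login").click()
+        self.assertMatches(
+            '...You logged in...', self.browser.contents)
         # Admitted student can upload a passport picture
         self.browser.open(self.student_path + '/change_portrait')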
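Review bot: The temporary-password block in test_student_login (new lines 1206-1223) only submits the student's correct original password and the temporary one, so nothing pins what an incorrect password returns while a temporary password is active. If the 'temporarily deactivated' notice were shown for any failed attempt, the login form would tell anyone who tries the student id that a temporary password is currently set on that account. The hunk does not show how the view decides, so a negative case after new line 1216 would settle it, assuming the notice is meant only for the holder of the real password. The comment at new line 1245 (`# Student cant login if their password is not set`) is a leftover from the renamed test and should describe the admitted-student login instead. Part of test_student_login lies between the hunks and is not visible here.

```python
        # … unchanged: original password rejected with the deactivation notice …
        # A wrong password should neither log in nor disclose the temporary state
        self.browser.open(self.login_path)
        self.browser.getControl(name="form.login").value = self.student_id
        self.browser.getControl(name="form.password").value = 'nonsense'
        self.browser.getControl("Login").click()
        self.assertFalse('You logged in' in self.browser.contents)
        self.assertFalse(
            'temporarily deactivated' in self.browser.contents)
        # … unchanged: login with the temporary password …
```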