| 1 | # GNU MediaGoblin -- federated, autonomous media hosting |
| 2 | # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. |
| 3 | # |
| 4 | # This program is free software: you can redistribute it and/or modify |
| 5 | # it under the terms of the GNU Affero General Public License as published by |
| 6 | # the Free Software Foundation, either version 3 of the License, or |
| 7 | # (at your option) any later version. |
| 8 | # |
| 9 | # This program is distributed in the hope that it will be useful, |
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | # GNU Affero General Public License for more details. |
| 13 | # |
| 14 | # You should have received a copy of the GNU Affero General Public License |
| 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 16 | |
| 17 | import pkg_resources |
| 18 | import pytest |
| 19 | import six |
| 20 | try: |
| 21 | import mock |
| 22 | except ImportError: |
| 23 | import unittest.mock as mock |
| 24 | |
| 25 | import six.moves.urllib.parse as urlparse |
| 26 | |
| 27 | from mediagoblin import mg_globals |
| 28 | from mediagoblin.db.base import Session |
| 29 | from mediagoblin.tests.tools import get_app |
| 30 | from mediagoblin.tools import template |
| 31 | |
| 32 | pytest.importorskip("ldap") |
| 33 | |
| 34 | |
| 35 | @pytest.fixture() |
| 36 | def ldap_plugin_app(request): |
| 37 | return get_app( |
| 38 | request, |
| 39 | mgoblin_config=pkg_resources.resource_filename( |
| 40 | 'mediagoblin.tests.auth_configs', |
| 41 | 'ldap_appconfig.ini')) |
| 42 | |
| 43 | |
| 44 | def return_value(): |
| 45 | return u'chris', u'chris@example.com' |
| 46 | |
| 47 | |
| 48 | def test_ldap_plugin(ldap_plugin_app): |
| 49 | res = ldap_plugin_app.get('/auth/login/') |
| 50 | |
| 51 | assert urlparse.urlsplit(res.location)[2] == '/auth/ldap/login/' |
| 52 | |
| 53 | res = ldap_plugin_app.get('/auth/register/') |
| 54 | |
| 55 | assert urlparse.urlsplit(res.location)[2] == '/auth/ldap/register/' |
| 56 | |
| 57 | res = ldap_plugin_app.get('/auth/ldap/register/') |
| 58 | |
| 59 | assert urlparse.urlsplit(res.location)[2] == '/auth/ldap/login/' |
| 60 | |
| 61 | template.clear_test_template_context() |
| 62 | res = ldap_plugin_app.post( |
| 63 | '/auth/ldap/login/', {}) |
| 64 | |
| 65 | context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/login.html'] |
| 66 | form = context['login_form'] |
| 67 | assert form.username.errors == [u'This field is required.'] |
| 68 | assert form.password.errors == [u'This field is required.'] |
| 69 | |
| 70 | @mock.patch('mediagoblin.plugins.ldap.tools.LDAP.login', |
| 71 | mock.Mock(return_value=return_value())) |
| 72 | def _test_authentication(): |
| 73 | template.clear_test_template_context() |
| 74 | res = ldap_plugin_app.post( |
| 75 | '/auth/ldap/login/', |
| 76 | {'username': u'chris', |
| 77 | 'password': u'toast'}) |
| 78 | |
| 79 | context = template.TEMPLATE_TEST_CONTEXT[ |
| 80 | 'mediagoblin/auth/register.html'] |
| 81 | register_form = context['register_form'] |
| 82 | |
| 83 | assert register_form.username.data == u'chris' |
| 84 | assert register_form.email.data == u'chris@example.com' |
| 85 | |
| 86 | template.clear_test_template_context() |
| 87 | res = ldap_plugin_app.post( |
| 88 | '/auth/ldap/register/', |
| 89 | {'username': u'chris', |
| 90 | 'email': u'chris@example.com'}) |
| 91 | res.follow() |
| 92 | |
| 93 | assert urlparse.urlsplit(res.location)[2] == '/u/chris/' |
| 94 | assert 'mediagoblin/user_pages/user_nonactive.html' in \ |
| 95 | template.TEMPLATE_TEST_CONTEXT |
| 96 | |
| 97 | # Try to register with same email and username |
| 98 | template.clear_test_template_context() |
| 99 | res = ldap_plugin_app.post( |
| 100 | '/auth/ldap/register/', |
| 101 | {'username': u'chris', |
| 102 | 'email': u'chris@example.com'}) |
| 103 | |
| 104 | context = template.TEMPLATE_TEST_CONTEXT[ |
| 105 | 'mediagoblin/auth/register.html'] |
| 106 | register_form = context['register_form'] |
| 107 | |
| 108 | assert register_form.email.errors == [ |
| 109 | u'Sorry, a user with that email address already exists.'] |
| 110 | assert register_form.username.errors == [ |
| 111 | u'Sorry, a user with that name already exists.'] |
| 112 | |
| 113 | # Log out |
| 114 | ldap_plugin_app.get('/auth/logout/') |
| 115 | |
| 116 | # Get user and detach from session |
| 117 | test_user = mg_globals.database.User.query.filter_by( |
| 118 | username=u'chris').first() |
| 119 | Session.expunge(test_user) |
| 120 | |
| 121 | # Log back in |
| 122 | template.clear_test_template_context() |
| 123 | res = ldap_plugin_app.post( |
| 124 | '/auth/ldap/login/', |
| 125 | {'username': u'chris', |
| 126 | 'password': u'toast'}) |
| 127 | res.follow() |
| 128 | |
| 129 | assert urlparse.urlsplit(res.location)[2] == '/' |
| 130 | assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT |
| 131 | |
| 132 | # Make sure user is in the session |
| 133 | context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html'] |
| 134 | session = context['request'].session |
| 135 | assert session['user_id'] == six.text_type(test_user.id) |
| 136 | |
| 137 | _test_authentication() |