diff options
41 files changed, 403 insertions, 226 deletions
diff --git a/.coveragerc b/.coveragerc index e83bec0..d3bf2f8 100644 --- a/.coveragerc +++ b/.coveragerc @@ -1,3 +1,3 @@ [run] source = . -omit = okupy/settings/*,setup.py,okupy/wsgi.py,okupy/common/test_helpers.py,okupy/common/log.py,.virtualenv/* +omit = okupy/settings/*,setup.py,okupy/wsgi.py,okupy/common/test_helpers.py,okupy/common/log.py,.virtualenv/*,okupy/tests/__init__.py @@ -3,6 +3,7 @@ *.kdev4 *.kate-swp *.db +*.egg okupy/settings/local.py okupy/settings/development.py /media diff --git a/.travis.yml b/.travis.yml index 4aa14f7..2be9be6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,14 +4,14 @@ python: env: - DJANGO_VERSION=1.5 install: - - pip install -r requirements.txt --use-mirrors - - pip install coveralls --use-mirrors + - pip install -r requirements.txt coveralls flake8 --use-mirrors branches: only: - master -script: coverage run manage.py test --settings=okupy.tests.settings +script: coverage run setup.py test after_success: - coveralls + - flake8 . --exclude=./okupy/tests/settings.py,./okupy/settings,setup.py notifications: email: recipients: diff --git a/bin/runtests b/bin/runtests index 5060cf3..1ea3b7a 100755 --- a/bin/runtests +++ b/bin/runtests @@ -1,10 +1,11 @@ #!/bin/bash -while getopts sa:dc arg; do +while getopts sdcf2 arg; do case ${arg} in s) SETTINGS="--settings=okupy.tests.settings" ;; d) TDAEMON="tdaemon -t django" ;; c) COVERAGE="coverage" ;; + f) FLAKE8="flake8 . --exclude=./okupy/tests/settings.py,./okupy/settings,setup.py" ;; 2) SUFFIX="2" ;; esac done @@ -20,3 +21,5 @@ else echo "Executing: $COMMAND" $COMMAND fi + +${FLAKE8} diff --git a/okupy/__init__.py b/okupy/__init__.py index 7e9bacb..895b543 100644 --- a/okupy/__init__.py +++ b/okupy/__init__.py @@ -5,3 +5,7 @@ def get_package_version(): return '0.0.1-dev' __version__ = get_package_version() + + +class OkupyError(Exception): + pass diff --git a/okupy/accounts/forms.py b/okupy/accounts/forms.py index be6e1e8..8997e1c 100644 --- a/okupy/accounts/forms.py +++ b/okupy/accounts/forms.py @@ -2,8 +2,8 @@ from django import forms -from .models import OpenID_Attributes -from ..crypto.ciphers import sessionrefcipher +from okupy.accounts.models import OpenID_Attributes +from okupy.crypto.ciphers import sessionrefcipher class LoginForm(forms.Form): @@ -18,7 +18,8 @@ class StrongAuthForm(forms.Form): class OpenIDLoginForm(LoginForm): - auto_logout = forms.BooleanField(required=False, + auto_logout = forms.BooleanField( + required=False, label='Log out after answering the OpenID request') diff --git a/okupy/accounts/models.py b/okupy/accounts/models.py index 3f41705..b56c20f 100644 --- a/okupy/accounts/models.py +++ b/okupy/accounts/models.py @@ -6,7 +6,7 @@ from ldapdb.models.fields import (CharField, IntegerField, ListField, FloatField, ACLField, DateField) import ldapdb.models -from ..crypto.models import EncryptedPKModel +from okupy.crypto.models import EncryptedPKModel class Queue(EncryptedPKModel): diff --git a/okupy/accounts/openid_store.py b/okupy/accounts/openid_store.py index 5f66abb..b58fce7 100644 --- a/okupy/accounts/openid_store.py +++ b/okupy/accounts/openid_store.py @@ -3,7 +3,6 @@ import base64 import calendar import datetime -import time from django.db import IntegrityError from django.utils import timezone @@ -12,7 +11,7 @@ from openid.store.interface import OpenIDStore from openid.association import Association from openid.store import nonce -from . import models as db_models +from okupy.accounts import models as db_models class DjangoDBOpenIDStore(OpenIDStore): @@ -66,7 +65,7 @@ class DjangoDBOpenIDStore(OpenIDStore): assert(server_uri is not None) assert(handle is not None) - objs = self._db_getAssocs(server_uri, handle) + self._db_getAssocs(server_uri, handle) # determining whether something was deleted is a waste of time # and django doesn't give us explicit 'affected rows' diff --git a/okupy/accounts/ssh.py b/okupy/accounts/ssh.py index 4e5028e..6383c49 100644 --- a/okupy/accounts/ssh.py +++ b/okupy/accounts/ssh.py @@ -2,10 +2,10 @@ from django.contrib.auth import authenticate, login -from ..common.ssh import ssh_handler -from ..common.test_helpers import set_request -from ..crypto.ciphers import sessionrefcipher -from ..otp import init_otp +from okupy.common.ssh import ssh_handler +from okupy.common.test_helpers import set_request +from okupy.crypto.ciphers import sessionrefcipher +from okupy.otp import init_otp ssh_handlers = {} diff --git a/okupy/accounts/urls.py b/okupy/accounts/urls.py index 56e56a6..86b158b 100644 --- a/okupy/accounts/urls.py +++ b/okupy/accounts/urls.py @@ -1,16 +1,20 @@ # vim:fileencoding=utf8:et:ts=4:sts=4:sw=4:ft=python from django.conf.urls import patterns, url -from . import views as v +from okupy.accounts import views as v -accounts_urlpatterns = patterns('', +accounts_urlpatterns = patterns( + '', url(r'^$', v.index, name="index"), url(r'^login/$', v.login), url(r'^ssl-auth/$', v.ssl_auth), url(r'^logout/$', v.logout, name="logout"), - url(r'^devlist/$', v.lists, {'acc_list': 'devlist'}, name="active_developers"), - url(r'^former-devlist/$', v.lists, {'acc_list': 'former-devlist'}, name="former_developers"), - url(r'^foundation-members/$', v.lists, {'acc_list': 'foundation-members'}, name="foundation_members"), + url(r'^devlist/$', v.lists, {'acc_list': 'devlist'}, + name="active_developers"), + url(r'^former-devlist/$', v.lists, {'acc_list': 'former-devlist'}, + name="former_developers"), + url(r'^foundation-members/$', v.lists, {'acc_list': 'foundation-members'}, + name="foundation_members"), url(r'^signup/$', v.signup), url(r'^activate/(?P<token>[a-zA-Z0-9-_]+)/$', v.activate), url(r'^otp-setup/$', v.otp_setup), diff --git a/okupy/accounts/views.py b/okupy/accounts/views.py index 96fc5d3..fc96f55 100644 --- a/okupy/accounts/views.py +++ b/okupy/accounts/views.py @@ -11,10 +11,8 @@ from django.forms.models import model_to_dict from django.http import (HttpResponse, HttpResponseForbidden, HttpResponseBadRequest) from django.views.decorators.cache import cache_page -from django.views.generic.base import View from django.shortcuts import redirect, render from django.utils.html import format_html -from django.utils.http import urlencode from django.views.decorators.csrf import csrf_exempt from django.views.decorators.http import require_POST from django_otp.decorators import otp_required @@ -25,37 +23,37 @@ from openid.server.server import (Server, ProtocolError, EncodingError, CheckIDRequest, ENCODE_URL, ENCODE_KVFORM, ENCODE_HTML_FORM) from passlib.hash import ldap_md5_crypt -from urlparse import urljoin, urlparse, parse_qsl - -from .forms import (LoginForm, OpenIDLoginForm, SSLCertLoginForm, - OTPForm, SignupForm, SiteAuthForm, StrongAuthForm) -from .models import LDAPUser, OpenID_Attributes, Queue -from .openid_store import DjangoDBOpenIDStore -from ..common.ldap_helpers import (get_bound_ldapuser, - set_secondary_password, - remove_secondary_password) -from ..common.decorators import strong_auth_required, anonymous_required -from ..common.exceptions import OkupyError -from ..common.log import log_extra_data -from ..crypto.ciphers import sessionrefcipher -from ..crypto.models import RevokedToken -from ..otp import init_otp -from ..otp.sotp.models import SOTPDevice -from ..otp.totp.models import TOTPDevice +from urlparse import urljoin + +from okupy import OkupyError +from okupy.accounts.forms import (LoginForm, OpenIDLoginForm, SSLCertLoginForm, + OTPForm, SignupForm, SiteAuthForm, + StrongAuthForm) +from okupy.accounts.models import LDAPUser, OpenID_Attributes, Queue +from okupy.accounts.openid_store import DjangoDBOpenIDStore +from okupy.common.ldap_helpers import (get_bound_ldapuser, + set_secondary_password, + remove_secondary_password) +from okupy.common.decorators import strong_auth_required, anonymous_required +from okupy.common.log import log_extra_data +from okupy.crypto.ciphers import sessionrefcipher +from okupy.crypto.models import RevokedToken +from okupy.otp import init_otp +from okupy.otp.sotp.models import SOTPDevice +from okupy.otp.totp.models import TOTPDevice # the following two are for exceptions import openid.yadis.discover import openid.fetchers import django_otp import io -import ldap -import ldap.modlist as modlist import logging import qrcode logger = logging.getLogger('okupy') logger_mail = logging.getLogger('mail_okupy') + @cache_page(60 * 20) def lists(request, acc_list): devlist = LDAPUser.objects.all() @@ -67,6 +65,7 @@ def lists(request, acc_list): devlist = devlist.filter(is_foundation=True) return render(request, '%s.html' % acc_list, {'devlist': devlist}) + @otp_required def index(request): ldb_user = LDAPUser.objects.filter(username=request.user.username) @@ -227,7 +226,7 @@ def ssl_auth(request): if user and user.is_active: _login(request, user) init_otp(request) - if request.user.is_verified(): # OTP disabled + if request.user.is_verified(): # OTP disabled next_uri = ssl_auth_form.cleaned_data['next'] else: messages.error(request, 'Certificate authentication failed') @@ -267,7 +266,7 @@ def signup(request): if signup_form.is_valid(): try: try: - user = LDAPUser.objects.get( + LDAPUser.objects.get( username=signup_form.cleaned_data['username']) except LDAPUser.DoesNotExist: pass @@ -278,7 +277,7 @@ def signup(request): else: raise OkupyError('Username already exists') try: - user = LDAPUser.objects.get( + LDAPUser.objects.get( email__contains=signup_form.cleaned_data['email']) except LDAPUser.DoesNotExist: pass @@ -326,7 +325,7 @@ def activate(request, token): """ try: try: - queued_user = Queue.objects.get(encrypted_id=token) + queued = Queue.objects.get(encrypted_id=token) except (Queue.DoesNotExist, OverflowError, TypeError, ValueError): raise OkupyError('Invalid URL') except Exception as error: @@ -345,21 +344,21 @@ def activate(request, token): # add account to ldap new_user = LDAPUser( object_class=settings.AUTH_LDAP_USER_OBJECTCLASS, - last_name=queued_user.last_name, - full_name='%s %s' % (queued_user.first_name, queued_user.last_name), - password=[ldap_md5_crypt.encrypt(queued_user.password)], - first_name=queued_user.first_name, - email=[queued_user.email], - username=queued_user.username, + last_name=queued.last_name, + full_name='%s %s' % (queued.first_name, queued.last_name), + password=[ldap_md5_crypt.encrypt(queued.password)], + first_name=queued.first_name, + email=[queued.email], + username=queued.username, uid=uidnumber, gid=100, - gecos='%s %s' % (queued_user.first_name, queued_user.last_name), - home_directory='/home/%s' % queued_user.username, + gecos='%s %s' % (queued.first_name, queued.last_name), + home_directory='/home/%s' % queued.username, ACL=['user.group'], ) new_user.save() # remove queued account from DB - queued_user.delete() + queued.delete() messages.success( request, "Your account has been activated successfully") except OkupyError as error: @@ -411,11 +410,12 @@ def otp_setup(request): skeys = sdev.gen_keys(user) messages.info(request, 'Your old recovery keys have been revoked.') elif 'cancel' in request.POST: - messages.info(request, 'Secret change aborted. Previous settings are in effect.') + messages.info(request, 'Secret change aborted. Previous settings' + 'are in effect.') if secret: # into groups of four characters - secret = ' '.join([secret[i:i+4] + secret = ' '.join([secret[i:i + 4] for i in range(0, len(secret), 4)]) if skeys: # xxx xx xxx diff --git a/okupy/common/auth.py b/okupy/common/auth.py index 9d4b205..aa238fc 100644 --- a/okupy/common/auth.py +++ b/okupy/common/auth.py @@ -4,7 +4,7 @@ from django.contrib.auth import get_user_model from django.contrib.auth.backends import ModelBackend from django.db import IntegrityError -from ..accounts.models import LDAPUser +from okupy.accounts.models import LDAPUser from OpenSSL.crypto import load_certificate, FILETYPE_PEM diff --git a/okupy/common/decorators.py b/okupy/common/decorators.py index e69c02d..d71b651 100644 --- a/okupy/common/decorators.py +++ b/okupy/common/decorators.py @@ -44,7 +44,7 @@ def strong_auth_required(function=None, login_scheme, login_netloc = urlparse(resolved_login_url)[:2] current_scheme, current_netloc = urlparse(path)[:2] if ((not login_scheme or login_scheme == current_scheme) and - (not login_netloc or login_netloc == current_netloc)): + (not login_netloc or login_netloc == current_netloc)): path = request.get_full_path() return redirect_to_login( path, resolved_login_url, redirect_field_name) diff --git a/okupy/common/exceptions.py b/okupy/common/exceptions.py deleted file mode 100644 index a979503..0000000 --- a/okupy/common/exceptions.py +++ /dev/null @@ -1,5 +0,0 @@ -# vim:fileencoding=utf8:et:ts=4:sts=4:sw=4:ft=python - - -class OkupyError(Exception): - pass diff --git a/okupy/common/ldap_helpers.py b/okupy/common/ldap_helpers.py index 4970e6a..27bc813 100644 --- a/okupy/common/ldap_helpers.py +++ b/okupy/common/ldap_helpers.py @@ -4,8 +4,9 @@ from base64 import b64encode from Crypto import Random from passlib.hash import ldap_md5_crypt -from ..crypto.ciphers import cipher -from ..accounts.models import LDAPUser +from okupy import OkupyError +from okupy.accounts.models import LDAPUser +from okupy.crypto.ciphers import cipher def get_bound_ldapuser(request, password=None): @@ -20,7 +21,8 @@ def get_bound_ldapuser(request, password=None): password = b64encode(cipher.decrypt( request.session['secondary_password'], 48)) except KeyError: - raise OkupyError('Secondary password not available (no strong auth?)') + raise OkupyError( + 'Secondary password not available (no strong auth?)') bound_cls = LDAPUser.bind_as( alias='ldap_%s' % username, diff --git a/okupy/common/ssh.py b/okupy/common/ssh.py index 1c4a49a..c5f3ad0 100644 --- a/okupy/common/ssh.py +++ b/okupy/common/ssh.py @@ -44,7 +44,7 @@ class SSHServer(paramiko.ServerInterface): h = settings.SSH_HANDLERS[cmd] # this is an easy way of checking if we have correct args inspect.getcallargs(h, *args, key=key) - except (KeyError, TypeError) as e: + except (KeyError, TypeError): pass else: ret = h(*args, key=key) @@ -76,7 +76,7 @@ class SSHServer(paramiko.ServerInterface): return True def check_channel_pty_request(self, channel, term, width, height, - pixelwidth, pixelheight, modes): + pixelwidth, pixelheight, modes): return True @@ -107,6 +107,6 @@ class SSHDispatcher(asyncore.dispatcher): def ssh_main(): server_key = paramiko.RSAKey(file_obj=BytesIO(settings.SSH_SERVER_KEY)) - disp = SSHDispatcher(server_key) + SSHDispatcher(server_key) asyncore.loop() raise SystemError('SSH server loop exited') diff --git a/okupy/crypto/ciphers.py b/okupy/crypto/ciphers.py index 667d8d1..cdafba6 100644 --- a/okupy/crypto/ciphers.py +++ b/okupy/crypto/ciphers.py @@ -10,7 +10,7 @@ import Crypto.Random import struct -from .codecs import ub64encode, ub64decode +from okupy.crypto.codecs import ub64encode, ub64decode class OkupyCipher(object): diff --git a/okupy/crypto/models.py b/okupy/crypto/models.py index b2eaa08..8f30130 100644 --- a/okupy/crypto/models.py +++ b/okupy/crypto/models.py @@ -4,7 +4,7 @@ from django.contrib.auth.models import User from django.db import models, IntegrityError from django.utils.timezone import now -from .ciphers import idcipher +from okupy.crypto.ciphers import idcipher from datetime import timedelta diff --git a/okupy/otp/__init__.py b/okupy/otp/__init__.py index 7a538f3..73f9078 100644 --- a/okupy/otp/__init__.py +++ b/okupy/otp/__init__.py @@ -4,8 +4,9 @@ from django.db import IntegrityError from django_otp import login as otp_login from django_otp.middleware import OTPMiddleware -from .sotp.models import SOTPDevice -from .totp.models import TOTPDevice +from okupy.otp.sotp.models import SOTPDevice +from okupy.otp.totp.models import TOTPDevice + def init_otp(request): """ diff --git a/okupy/otp/sotp/models.py b/okupy/otp/sotp/models.py index 5bb58f8..181911d 100644 --- a/okupy/otp/sotp/models.py +++ b/okupy/otp/sotp/models.py @@ -2,7 +2,7 @@ from django_otp.models import Device -from ...accounts.models import LDAPUser +from okupy.accounts.models import LDAPUser import random @@ -34,7 +34,7 @@ class SOTPDevice(Device): """ Verify token against recovery keys. """ - u = LDAPUser.objects.get(username = self.user.username) + u = LDAPUser.objects.get(username=self.user.username) if token in u.otp_recovery_keys: u.otp_recovery_keys.remove(token) u.save() diff --git a/okupy/otp/totp/models.py b/okupy/otp/totp/models.py index 72f5e3d..50e8328 100644 --- a/okupy/otp/totp/models.py +++ b/okupy/otp/totp/models.py @@ -3,8 +3,8 @@ from django_otp import oath from django_otp.models import Device -from ...accounts.models import LDAPUser -from ...crypto.codecs import ub32decode, ub32encode +from okupy.accounts.models import LDAPUser +from okupy.crypto.codecs import ub32decode, ub32encode import Crypto.Random @@ -59,10 +59,10 @@ class TOTPDevice(Device): past and future tokens to include clock drift. """ if not secret: - u = LDAPUser.objects.get(username = self.user.username) + u = LDAPUser.objects.get(username=self.user.username) if not u.otp_secret: return True - elif not token: # (we're just being probed) + elif not token: # (we're just being probed) return False secret = u.otp_secret diff --git a/okupy/tests/__init__.py b/okupy/tests/__init__.py index e69de29..279492d 100644 --- a/okupy/tests/__init__.py +++ b/okupy/tests/__init__.py @@ -0,0 +1,26 @@ +# vim:fileencoding=utf8:et:ts=4:sts=4:sw=4:ft=python + +""" +Enables ./setup.py test +http://gremu.net/blog/2010/enable-setuppy-test-your-django-apps/ +""" + +import os +import sys + +os.environ['DJANGO_SETTINGS_MODULE'] = 'okupy.tests.settings' +test_dir = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) +sys.path.insert(0, test_dir) + +from django.test.utils import get_runner +from django.conf import settings + + +def runtests(): + TestRunner = get_runner(settings) + test_runner = TestRunner(verbosity=1, interactive=True) + failures = test_runner.run_tests(['tests']) + sys.exit(bool(failures)) + +if __name__ == '__main__': + runtests() diff --git a/okupy/tests/integration/__init__.py b/okupy/tests/integration/__init__.py index 8b13789..e69de29 100644 --- a/okupy/tests/integration/__init__.py +++ b/okupy/tests/integration/__init__.py @@ -1 +0,0 @@ - diff --git a/okupy/tests/integration/test_index.py b/okupy/tests/integration/test_index.py index 8650860..e2c754e 100644 --- a/okupy/tests/integration/test_index.py +++ b/okupy/tests/integration/test_index.py @@ -1,14 +1,14 @@ # vim:fileencoding=utf8:et:ts=4:sts=4:sw=4:ft=python from django.conf import settings +from django.test import TestCase from django.test.client import Client from mockldap import MockLdap -from .. import vars -from ...common.test_helpers import OkupyTestCase, ldap_users, set_search_seed +from okupy.tests import vars -class IndexIntegrationTests(OkupyTestCase): +class IndexIntegrationTests(TestCase): @classmethod def setUpClass(cls): cls.mockldap = MockLdap(vars.DIRECTORY) @@ -26,7 +26,7 @@ class IndexIntegrationTests(OkupyTestCase): self.assertRedirects(response, '/login/?next=/') def test_index_page_uses_correct_template(self): - response = self.client.post('/login/', {'username': 'alice', 'password': 'ldaptest'}) + response = self.client.post('/login/', vars.LOGIN_ALICE) response = self.client.get('/') self.assertTemplateUsed(response, 'base.html') self.assertTemplateUsed(response, 'index.html') diff --git a/okupy/tests/integration/test_lists.py b/okupy/tests/integration/test_lists.py index f75bd78..a9ad99e 100644 --- a/okupy/tests/integration/test_lists.py +++ b/okupy/tests/integration/test_lists.py @@ -2,13 +2,12 @@ from django.conf import settings from django.test import TestCase - from django.test.client import Client from mockldap import MockLdap -from .. import vars -from ...common.test_helpers import ldap_users, set_search_seed +from okupy.tests import vars + class ListsIntegrationTests(TestCase): @classmethod diff --git a/okupy/tests/integration/test_login.py b/okupy/tests/integration/test_login.py index 9ab30df..f30c742 100644 --- a/okupy/tests/integration/test_login.py +++ b/okupy/tests/integration/test_login.py @@ -6,8 +6,7 @@ from django.test.client import Client from mockldap import MockLdap -from .. import vars -from ...common.test_helpers import ldap_users, set_search_seed +from okupy.tests import vars class LoginIntegrationTests(TestCase): @@ -56,5 +55,6 @@ class LoginIntegrationTests(TestCase): self.mockldap.start() def test_redirect_to_requested_page_after_login(self): - response = self.client.post('/login/?next=/otp-setup/', vars.LOGIN_ALICE) + response = self.client.post('/login/?next=/otp-setup/', + vars.LOGIN_ALICE) self.assertRedirects(response, '/otp-setup/', 302, 200) diff --git a/okupy/tests/integration/test_signup.py b/okupy/tests/integration/test_signup.py index b6e641d..86041b5 100644 --- a/okupy/tests/integration/test_signup.py +++ b/okupy/tests/integration/test_signup.py @@ -5,7 +5,7 @@ from django.test import TestCase from django.test.client import Client from mockldap import MockLdap -from .. import vars +from okupy.tests import vars class SignupIntegrationTests(TestCase): diff --git a/okupy/tests/settings.py b/okupy/tests/settings.py index 74dfa84..97b2844 100644 --- a/okupy/tests/settings.py +++ b/okupy/tests/settings.py @@ -57,7 +57,6 @@ INSTALLED_APPS = ( 'okupy.crypto', 'okupy.otp.sotp', 'okupy.otp.totp', - 'okupy.tests', ) #Compressor settings diff --git a/okupy/tests/unit/test_auth.py b/okupy/tests/unit/test_auth.py index 7c445f6..d514999 100644 --- a/okupy/tests/unit/test_auth.py +++ b/okupy/tests/unit/test_auth.py @@ -6,8 +6,8 @@ from django.conf import settings from django.contrib.auth import authenticate from django.test import TestCase -from .. import vars -from ...common.test_helpers import ldap_users, set_request +from okupy.common.test_helpers import ldap_users, set_request +from okupy.tests import vars import base64 diff --git a/okupy/tests/unit/test_cipher.py b/okupy/tests/unit/test_cipher.py index 0589dfd..a306610 100644 --- a/okupy/tests/unit/test_cipher.py +++ b/okupy/tests/unit/test_cipher.py @@ -5,7 +5,7 @@ from unittest import TestCase, SkipTest from django.contrib.sessions.backends.cache import SessionStore -from ...crypto.ciphers import cipher, sessionrefcipher +from okupy.crypto.ciphers import cipher, sessionrefcipher class OkupyCipherTests(TestCase): diff --git a/okupy/tests/unit/test_index.py b/okupy/tests/unit/test_index.py index eb6861e..b35d99a 100644 --- a/okupy/tests/unit/test_index.py +++ b/okupy/tests/unit/test_index.py @@ -6,9 +6,9 @@ from django.test import TestCase from mockldap import MockLdap -from .. import vars -from ...accounts.views import index -from ...common.test_helpers import set_request +from okupy.accounts.views import index +from okupy.common.test_helpers import set_request +from okupy.tests import vars class IndexUnitTests(TestCase): diff --git a/okupy/tests/unit/test_lists.py b/okupy/tests/unit/test_lists.py index 04803f9..b5d7006 100644 --- a/okupy/tests/unit/test_lists.py +++ b/okupy/tests/unit/test_lists.py @@ -5,9 +5,9 @@ from django.core.urlresolvers import resolve from mockldap import MockLdap -from .. import vars -from ...accounts.views import lists -from ...common.test_helpers import OkupyTestCase, set_request +from okupy.accounts.views import lists +from okupy.common.test_helpers import OkupyTestCase, set_request +from okupy.tests import vars class ListsUnitTests(OkupyTestCase): @@ -34,7 +34,11 @@ class ListsUnitTests(OkupyTestCase): def test_rendered_devlist_page(self): request = set_request(uri='/devlist') response = lists(request, 'devlist') - page_part = '<tr>\n <td class="devname"><b>alice</b></td>\n <td>Alice Adams</td>\n <td><a href="http://maps.google.com/maps?q=City1, Country1">City1, Country1</a></td>\n <td class="tableinfo">kde, qt, cluster</td>\n </tr>' + page_part = '<tr>\n <td class="devname"><b>alice' + '</b></td>\n <td>Alice Adams</td>\n ' + '<td><a href="http://maps.google.com/maps?q=City1, Country1">' + 'City1, Country1</a></td>\n <td class="tableinfo">' + 'kde, qt, cluster</td>\n </tr>' self.assertIn(page_part, response.content) def test_former_devlist_url_resolves_to_lists_view(self): @@ -49,7 +53,11 @@ class ListsUnitTests(OkupyTestCase): def test_rendered_former_devlist_page(self): request = set_request(uri='/former-devlist') response = lists(request, 'former-devlist') - page_part = '<tr>\n <td class="devname"><b>john</b></td>\n <td>John Smith</td>\n <td><a href="http://maps.google.com/maps?q=City3, Country3">City3, Country3</a></td>\n <td class="tableinfo">kernel, security</td>\n </tr>' + page_part = '<tr>\n <td class="devname"><b>john' + '</b></td>\n <td>John Smith</td>\n ' + '<td><a href="http://maps.google.com/maps?q=City3, Country3">' + 'City3, Country3</a></td>\n <td class="tableinfo">' + 'kernel, security</td>\n </tr>' self.assertIn(page_part, response.content) def test_foundation_members_list_url_resolves_to_lists_view(self): @@ -64,5 +72,8 @@ class ListsUnitTests(OkupyTestCase): def test_rendered_foundation_members_page(self): request = set_request(uri='/foundation-members') response = lists(request, 'foundation-members') - page_part = '<tr>\n <td style="color:#5c4f85;"><b>bob</b></td>\n <td>Robert Barker</td>\n <td><a href="http://maps.google.com/maps?q=City2, Country2">City2, Country2</a></td>\n </tr>' + page_part = '<tr>\n <td style="color:#5c4f85;"><b>bob' + '</b></td>\n <td>Robert Barker</td>\n ' + '<td><a href="http://maps.google.com/maps?q=City2, Country2">' + 'City2, Country2</a></td>\n </tr>' self.assertIn(page_part, response.content) diff --git a/okupy/tests/unit/test_login.py b/okupy/tests/unit/test_login.py index d674150..b602d65 100644 --- a/okupy/tests/unit/test_login.py +++ b/okupy/tests/unit/test_login.py @@ -12,11 +12,12 @@ from Crypto import Random from passlib.hash import ldap_md5_crypt from mockldap import MockLdap -from .. import vars -from ...accounts.views import login, logout -from ...accounts.forms import LoginForm -from ...common.test_helpers import OkupyTestCase, set_request, no_database, ldap_users -from ...crypto.ciphers import cipher +from okupy.accounts.views import login, logout +from okupy.accounts.forms import LoginForm +from okupy.common.test_helpers import (OkupyTestCase, set_request, no_database, + ldap_users) +from okupy.crypto.ciphers import cipher +from okupy.tests import vars class LoginUnitTests(OkupyTestCase): @@ -32,13 +33,15 @@ class LoginUnitTests(OkupyTestCase): self.mockldap.stop() def test_incorrect_user_raises_login_failed(self): - request = set_request(uri='/login', post=vars.LOGIN_WRONG, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_WRONG, + messages=True) response = login(request) response.context = RequestContext(request) self.assertMessage(response, 'Login failed', 40) def test_incorrect_user_does_not_get_transferred_in_db(self): - request = set_request(uri='/login', post=vars.LOGIN_WRONG, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_WRONG, + messages=True) login(request) self.assertEqual(User.objects.count(), 0) @@ -47,21 +50,25 @@ class LoginUnitTests(OkupyTestCase): 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend')) def test_no_database_raises_critical(self): - request = set_request(uri='/login', post=vars.LOGIN_ALICE, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_ALICE, + messages=True) response = login(request) response.context = RequestContext(request) - self.assertMessage(response, "Can't contact the LDAP server or the database", 40) + self.assertMessage(response, + "Can't contact the LDAP server or the database", 40) @no_database() @override_settings(AUTHENTICATION_BACKENDS=( 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend')) def test_no_database_sends_notification_mail(self): - request = set_request(uri='/login', post=vars.LOGIN_ALICE, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_ALICE, + messages=True) response = login(request) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % settings.EMAIL_SUBJECT_PREFIX)) + self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % + settings.EMAIL_SUBJECT_PREFIX)) def test_correct_user_gets_transferred_in_db(self): request = set_request(uri='/login', post=vars.LOGIN_ALICE) @@ -77,17 +84,25 @@ class LoginUnitTests(OkupyTestCase): def test_secondary_password_is_added_in_login(self): request = set_request(uri='/login', post=vars.LOGIN_ALICE) login(request) - self.assertEqual(len(ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']), 2) + self.assertEqual(len(ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword']), 2) self.assertEqual(len(request.session['secondary_password']), 48) def test_secondary_password_is_removed_in_logout(self): secondary_password = Random.get_random_bytes(48) - secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode(secondary_password)) - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(secondary_password_crypt) - request = set_request(uri='/login', post=vars.LOGIN_ALICE, user=vars.USER_ALICE) - request.session['secondary_password'] = cipher.encrypt(secondary_password) + secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode( + secondary_password)) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(secondary_password_crypt) + request = set_request(uri='/login', post=vars.LOGIN_ALICE, + user=vars.USER_ALICE) + request.session['secondary_password'] = cipher.encrypt( + secondary_password) logout(request) - self.assertEqual(len(ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']), 1) + self.assertEqual(len(ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword']), 1) class LoginUnitTestsNoLDAP(OkupyTestCase): @@ -103,15 +118,19 @@ class LoginUnitTestsNoLDAP(OkupyTestCase): def test_rendered_login_form(self): request = set_request(uri='/login') response = login(request) - login_form_part = '<input id="id_username" maxlength="100" name="username" type="text" />' + login_form_part = '<input id="id_username" maxlength="100"' + 'name="username" type="text" />' self.assertIn(login_form_part, response.content) def test_empty_user_raises_form_error_messages(self): request = set_request(uri='/login') response = login(request) - response.context = RequestContext(request, {'login_form': LoginForm(request.POST)}) - self.assertFormError(response, 'login_form', 'username', 'This field is required.') - self.assertFormError(response, 'login_form', 'password', 'This field is required.') + response.context = RequestContext(request, { + 'login_form': LoginForm(request.POST)}) + self.assertFormError(response, 'login_form', 'username', + 'This field is required.') + self.assertFormError(response, 'login_form', 'password', + 'This field is required.') def test_empty_user_raises_login_failed(self): request = set_request(uri='/login', post=True, messages=True) @@ -126,14 +145,17 @@ class LoginUnitTestsNoLDAP(OkupyTestCase): self.assertMessage(response, 'Login failed', 40) def test_no_ldap_connection_raises_login_failed_in_login(self): - request = set_request(uri='/login', post=vars.LOGIN_WRONG, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_WRONG, + messages=True) response = login(request) response.context = RequestContext(request) self.assertMessage(response, 'Login failed', 40) def test_no_ldap_connection_in_logout_sends_notification_mail(self): - request = set_request(uri='/login', post=vars.LOGIN_ALICE, user=vars.USER_ALICE) + request = set_request(uri='/login', post=vars.LOGIN_ALICE, + user=vars.USER_ALICE) request.session['secondary_password'] = 'test' logout(request) self.assertEqual(len(mail.outbox), 1) - self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % settings.EMAIL_SUBJECT_PREFIX)) + self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % + settings.EMAIL_SUBJECT_PREFIX)) diff --git a/okupy/tests/unit/test_openid.py b/okupy/tests/unit/test_openid.py index 4d5a75a..0807a3d 100644 --- a/okupy/tests/unit/test_openid.py +++ b/okupy/tests/unit/test_openid.py @@ -2,18 +2,18 @@ from django.test import TestCase -from ...accounts.openid_store import DjangoDBOpenIDStore +from okupy.accounts.openid_store import DjangoDBOpenIDStore import time class OpenIDStoreTests(TestCase): - def setUp(self): - self.store = DjangoDBOpenIDStore() + def setUp(self): + self.store = DjangoDBOpenIDStore() - def test_nonce_integrity(self): - nonce = ('http://example.com', time.time(), 'pepper') - # first one should succeed, the second one should fail because - # of reused nonce - self.assertTrue(self.store.useNonce(*nonce)) - self.assertFalse(self.store.useNonce(*nonce)) + def test_nonce_integrity(self): + nonce = ('http://example.com', time.time(), 'pepper') + # first one should succeed, the second one should fail because + # of reused nonce + self.assertTrue(self.store.useNonce(*nonce)) + self.assertFalse(self.store.useNonce(*nonce)) diff --git a/okupy/tests/unit/test_secondary_password.py b/okupy/tests/unit/test_secondary_password.py index 885c3cb..ff0a794 100644 --- a/okupy/tests/unit/test_secondary_password.py +++ b/okupy/tests/unit/test_secondary_password.py @@ -8,10 +8,11 @@ from Crypto import Random from mockldap import MockLdap from passlib.hash import ldap_md5_crypt -from .. import vars -from ...common.ldap_helpers import set_secondary_password, remove_secondary_password -from ...common.test_helpers import set_request, set_search_seed, ldap_users -from ...crypto.ciphers import cipher +from okupy.common.ldap_helpers import (set_secondary_password, + remove_secondary_password) +from okupy.common.test_helpers import set_request, ldap_users +from okupy.crypto.ciphers import cipher +from okupy.tests import vars class SecondaryPassword(TestCase): @@ -35,60 +36,89 @@ class SecondaryPassword(TestCase): request = set_request(uri='/', user=vars.USER_ALICE) self.assertEqual(len(ldap_users('alice')[1]['userPassword']), 1) set_secondary_password(request, 'ldaptest') - self.assertEqual(len(ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']), 2) + self.assertEqual(len(ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword']), 2) def test_remove_leftovers_before_adding_secondary_password(self): leftover = ldap_md5_crypt.encrypt('leftover_password') - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(leftover) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(leftover) request = set_request(uri='/', user=vars.USER_ALICE) set_secondary_password(request, 'ldaptest') - self.assertNotIn(leftover, ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']) + self.assertNotIn(leftover, ldap_users( + 'alice', directory=self.ldapobject.directory)[1]['userPassword']) def test_dont_remove_primary_password_while_cleaning_leftovers(self): leftover = ldap_md5_crypt.encrypt('leftover_password') - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(leftover) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(leftover) request = set_request(uri='/', user=vars.USER_ALICE) set_secondary_password(request, 'ldaptest') - self.assertTrue(ldap_md5_crypt.verify('ldaptest', ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword'][0])) + self.assertTrue(ldap_md5_crypt.verify( + 'ldaptest', ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword'][0])) def test_dont_remove_unknown_hashes_while_cleaning_leftovers(self): leftover = ldap_md5_crypt.encrypt('leftover_password') - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(leftover) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(leftover) leftover2 = 'plain_leftover2' - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(leftover2) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(leftover2) request = set_request(uri='/', user=vars.USER_ALICE) set_secondary_password(request, 'ldaptest') - self.assertIn(leftover2, ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']) + self.assertIn(leftover2, ldap_users( + 'alice', directory=self.ldapobject.directory)[1]['userPassword']) def test_session_and_ldap_secondary_passwords_match(self): request = set_request(uri='/', user=vars.USER_ALICE) set_secondary_password(request, 'ldaptest') - self.assertTrue(ldap_md5_crypt.verify(b64encode(cipher.decrypt(request.session['secondary_password'], 48)), ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword'][1])) + self.assertTrue(ldap_md5_crypt.verify(b64encode(cipher.decrypt( + request.session['secondary_password'], 48)), + ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword'][1])) def test_remove_secondary_password_from_ldap(self): secondary_password = Random.get_random_bytes(48) - secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode(secondary_password)) - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(secondary_password_crypt) + secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode( + secondary_password)) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(secondary_password_crypt) request = set_request(uri='/', user=vars.USER_ALICE) - request.session['secondary_password'] = cipher.encrypt(secondary_password) + request.session['secondary_password'] = cipher.encrypt( + secondary_password) remove_secondary_password(request) - self.assertNotIn(secondary_password_crypt, ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']) + self.assertNotIn(secondary_password_crypt, ldap_users( + 'alice', directory=self.ldapobject.directory)[1]['userPassword']) - def test_dont_remove_primary_password_while_removing_secondary_password(self): + def test_dont_remove_primary_password_when_removing_secondary_passwd(self): secondary_password = Random.get_random_bytes(48) - secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode(secondary_password)) - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(secondary_password_crypt) + secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode( + secondary_password)) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(secondary_password_crypt) request = set_request(uri='/', user=vars.USER_ALICE) - request.session['secondary_password'] = cipher.encrypt(secondary_password) + request.session['secondary_password'] = cipher.encrypt( + secondary_password) remove_secondary_password(request) - self.assertTrue(ldap_md5_crypt.verify('ldaptest', ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword'][0])) + self.assertTrue(ldap_md5_crypt.verify('ldaptest', ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword'][0])) - def test_dont_remove_unknown_hashes_while_removing_secondary_password(self): + def test_dont_remove_unknown_hashes_when_removing_secondary_password(self): secondary_password = Random.get_random_bytes(48) - secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode(secondary_password)) - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append('unknown_hash') - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(secondary_password_crypt) + secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode( + secondary_password)) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append('unknown_hash') + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(secondary_password_crypt) request = set_request(uri='/', user=vars.USER_ALICE) - request.session['secondary_password'] = cipher.encrypt(secondary_password) + request.session['secondary_password'] = cipher.encrypt( + secondary_password) remove_secondary_password(request) - self.assertIn('unknown_hash', ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']) + self.assertIn('unknown_hash', ldap_users( + 'alice', directory=self.ldapobject.directory)[1]['userPassword']) diff --git a/okupy/tests/unit/test_signup.py b/okupy/tests/unit/test_signup.py index 2f4485d..459e3f8 100644 --- a/okupy/tests/unit/test_signup.py +++ b/okupy/tests/unit/test_signup.py @@ -8,11 +8,12 @@ from django.template import RequestContext from mockldap import MockLdap from passlib.hash import ldap_md5_crypt -from .. import vars -from ...accounts.forms import SignupForm -from ...accounts.models import LDAPUser, Queue -from ...accounts.views import signup, activate -from ...common.test_helpers import OkupyTestCase, set_request, no_database, ldap_users +from okupy.accounts.forms import SignupForm +from okupy.accounts.models import Queue +from okupy.accounts.views import signup, activate +from okupy.common.test_helpers import (OkupyTestCase, set_request, ldap_users, + no_database) +from okupy.tests import vars class SignupUnitTests(OkupyTestCase): @@ -50,7 +51,8 @@ class SignupUnitTests(OkupyTestCase): request = set_request(uri='/signup', post=_form, messages=True) response = signup(request) response.context = RequestContext(request) - self.assertMessage(response, 'Account is already pending activation', 40) + self.assertMessage(response, + 'Account is already pending activation', 40) def test_email_already_pending_activation(self): _form = vars.SIGNUP_TESTUSER.copy() @@ -59,7 +61,8 @@ class SignupUnitTests(OkupyTestCase): request = set_request(uri='/signup', post=_form, messages=True) response = signup(request) response.context = RequestContext(request) - self.assertMessage(response, 'Account is already pending activation', 40) + self.assertMessage(response, + 'Account is already pending activation', 40) def test_add_queued_account_to_ldap_prints_success_message(self): vars.QUEUEDUSER.save() @@ -67,26 +70,35 @@ class SignupUnitTests(OkupyTestCase): request = set_request(uri=activate_url, messages=True) response = activate(request, vars.QUEUEDUSER.encrypted_id) response.context = RequestContext(request) - self.assertMessage(response, 'Your account has been activated successfully', 25) + self.assertMessage(response, + 'Your account has been activated successfully', 25) def test_queued_account_gets_added_to_ldap(self): vars.QUEUEDUSER.save() activate_url = '/activate/%s/' % vars.QUEUEDUSER.encrypted_id request = set_request(activate_url, messages=True) activate(request, vars.QUEUEDUSER.encrypted_id) - self.assertTrue(ldap_users(vars.QUEUEDUSER.username, directory=self.ldapobject.directory)) - ldap_account = ldap_users(vars.QUEUEDUSER.username, directory=self.ldapobject.directory)[1] - self.assertEqual(ldap_account['objectClass'], settings.AUTH_LDAP_USER_OBJECTCLASS) + self.assertTrue(ldap_users(vars.QUEUEDUSER.username, + directory=self.ldapobject.directory)) + ldap_account = ldap_users(vars.QUEUEDUSER.username, + directory=self.ldapobject.directory)[1] + self.assertEqual(ldap_account['objectClass'], + settings.AUTH_LDAP_USER_OBJECTCLASS) self.assertEqual(ldap_account['sn'][0], vars.QUEUEDUSER.last_name) - self.assertEqual(ldap_account['cn'][0], '%s %s' % (vars.QUEUEDUSER.first_name, vars.QUEUEDUSER.last_name)) - self.assertTrue(ldap_md5_crypt.verify(vars.QUEUEDUSER.password, ldap_account['userPassword'][0])) - self.assertEqual(ldap_account['givenName'][0], vars.QUEUEDUSER.first_name) + self.assertEqual(ldap_account['cn'][0], '%s %s' % ( + vars.QUEUEDUSER.first_name, vars.QUEUEDUSER.last_name)) + self.assertTrue(ldap_md5_crypt.verify(vars.QUEUEDUSER.password, + ldap_account['userPassword'][0])) + self.assertEqual(ldap_account['givenName'][0], + vars.QUEUEDUSER.first_name) self.assertEqual(ldap_account['mail'][0], vars.QUEUEDUSER.email) self.assertEqual(ldap_account['uid'][0], vars.QUEUEDUSER.username) self.assertEqual(ldap_account['uidNumber'][0], '1002') self.assertEqual(ldap_account['gidNumber'][0], '100') - self.assertEqual(ldap_account['gecos'][0], '%s %s' % (vars.QUEUEDUSER.first_name, vars.QUEUEDUSER.last_name)) - self.assertEqual(ldap_account['homeDirectory'][0], '/home/%s' % vars.QUEUEDUSER.username) + self.assertEqual(ldap_account['gecos'][0], '%s %s' % ( + vars.QUEUEDUSER.first_name, vars.QUEUEDUSER.last_name)) + self.assertEqual(ldap_account['homeDirectory'][0], + '/home/%s' % vars.QUEUEDUSER.username) self.assertEqual(ldap_account['gentooACL'][0], 'user.group') def test_add_queued_account_remove_from_queue(self): @@ -97,46 +109,59 @@ class SignupUnitTests(OkupyTestCase): self.assertEqual(Queue.objects.count(), 0) def test_valid_data_to_signup_form_prints_info_message(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) - self.assertMessage(response, 'You will shortly receive an activation mail', 20) + self.assertMessage(response, + 'You will shortly receive an activation mail', 20) def test_valid_data_to_signup_form_sends_activation_mail(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertEqual(mail.outbox[0].subject, '%sAccount Activation' % settings.EMAIL_SUBJECT_PREFIX) + self.assertEqual(mail.outbox[0].subject, '%sAccount Activation' % + settings.EMAIL_SUBJECT_PREFIX) def test_valid_data_to_signup_form_adds_user_to_queue(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertEqual(Queue.objects.count(), 1) vars.QUEUEDUSER = Queue.objects.get(pk=1) - self.assertEqual(vars.QUEUEDUSER.username, vars.SIGNUP_TESTUSER['username']) - self.assertEqual(vars.QUEUEDUSER.first_name, vars.SIGNUP_TESTUSER['first_name']) - self.assertEqual(vars.QUEUEDUSER.last_name, vars.SIGNUP_TESTUSER['last_name']) + self.assertEqual(vars.QUEUEDUSER.username, + vars.SIGNUP_TESTUSER['username']) + self.assertEqual(vars.QUEUEDUSER.first_name, + vars.SIGNUP_TESTUSER['first_name']) + self.assertEqual(vars.QUEUEDUSER.last_name, + vars.SIGNUP_TESTUSER['last_name']) self.assertEqual(vars.QUEUEDUSER.email, vars.SIGNUP_TESTUSER['email']) - self.assertEqual(vars.QUEUEDUSER.password, vars.SIGNUP_TESTUSER['password_origin']) + self.assertEqual(vars.QUEUEDUSER.password, + vars.SIGNUP_TESTUSER['password_origin']) # note: this needs to be kept in line with used cipher - self.assertRegexpMatches(vars.QUEUEDUSER.encrypted_id, '^[a-zA-Z0-9_-]{22}$') + self.assertRegexpMatches(vars.QUEUEDUSER.encrypted_id, + '^[a-zA-Z0-9_-]{22}$') @no_database() def test_no_database_connection_raises_error_in_signup(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertMessage(response, "Can't contact the database", 40) @no_database() def test_no_database_connection_sends_notification_mail_in_signup(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % settings.EMAIL_SUBJECT_PREFIX)) + self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % + settings.EMAIL_SUBJECT_PREFIX)) @no_database() def test_no_database_connection_raises_error_in_activation(self): @@ -146,11 +171,12 @@ class SignupUnitTests(OkupyTestCase): self.assertMessage(response, "Can't contact the database", 40) @no_database() - def test_no_database_connection_sends_notification_mail_in_activation(self): + def test_no_database_connection_sends_notificationmail_in_activation(self): request = set_request('/activate/test', messages=True) activate(request, vars.QUEUEDUSER.encrypted_id) self.assertEqual(len(mail.outbox), 1) - self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % settings.EMAIL_SUBJECT_PREFIX)) + self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % + settings.EMAIL_SUBJECT_PREFIX)) def test_add_first_user_in_empty_ldap_directory(self): vars.QUEUEDUSER.save() @@ -158,8 +184,11 @@ class SignupUnitTests(OkupyTestCase): self.ldapobject.directory = ldap_users(clean=True) request = set_request(activate_url, messages=True) activate(request, vars.QUEUEDUSER.encrypted_id) - self.assertTrue(ldap_users(vars.QUEUEDUSER.username, directory=self.ldapobject.directory)) - self.assertEqual(ldap_users(vars.QUEUEDUSER.username, directory=self.ldapobject.directory)[1]['uidNumber'][0], '1') + self.assertTrue(ldap_users(vars.QUEUEDUSER.username, + directory=self.ldapobject.directory)) + self.assertEqual(ldap_users( + vars.QUEUEDUSER.username, + directory=self.ldapobject.directory)[1]['uidNumber'][0], '1') class SignupunitTestsNoLDAP(OkupyTestCase): @@ -175,27 +204,38 @@ class SignupunitTestsNoLDAP(OkupyTestCase): def test_rendered_signup_form(self): request = set_request(uri='/signup') response = signup(request) - signup_form_part = '<label for="id_first_name">First Name:</label><input id="id_first_name" maxlength="100" name="first_name" type="text" />' + signup_form_part = '<label for="id_first_name">First Name:</label>' + '<input id="id_first_name" maxlength="100" name="first_name"' + 'type="text" />' self.assertIn(signup_form_part, response.content) def test_empty_signup_form_raises_form_error_messages(self): request = set_request(uri='/signup') response = signup(request) - response.context = RequestContext(request, {'signup_form': SignupForm(request.POST)}) - self.assertFormError(response, 'signup_form', 'username', 'This field is required.') - self.assertFormError(response, 'signup_form', 'first_name', 'This field is required.') - self.assertFormError(response, 'signup_form', 'last_name', 'This field is required.') - self.assertFormError(response, 'signup_form', 'email', 'This field is required.') - self.assertFormError(response, 'signup_form', 'password_origin', 'This field is required.') - self.assertFormError(response, 'signup_form', 'password_verify', 'This field is required.') + response.context = RequestContext(request, {'signup_form': + SignupForm(request.POST)}) + self.assertFormError(response, 'signup_form', 'username', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'first_name', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'last_name', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'email', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'password_origin', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'password_verify', + 'This field is required.') def test_passwords_dont_match(self): _form = vars.SIGNUP_TESTUSER.copy() _form['password_verify'] = 'wrong' request = set_request(uri='/signup', post=_form) response = signup(request) - response.context = RequestContext(request, {'signup_form': SignupForm(request.POST)}) - self.assertFormError(response, 'signup_form', 'password_verify', "Passwords don't match") + response.context = RequestContext(request, {'signup_form': + SignupForm(request.POST)}) + self.assertFormError(response, 'signup_form', 'password_verify', + "Passwords don't match") def test_wrong_activaltion_link_raises_invalid_url(self): request = set_request(uri='/activate/invalidurl', messages=True) @@ -204,17 +244,22 @@ class SignupunitTestsNoLDAP(OkupyTestCase): self.assertMessage(response, 'Invalid URL', 40) def test_no_ldap_connection_raises_error_in_signup(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertMessage(response, "Can't contact LDAP server", 40) def test_no_ldap_connection_sends_notification_mail_in_signup(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertEqual(mail.outbox[0].subject, '%sERROR: {\'desc\': "Can\'t contact LDAP server"}' % settings.EMAIL_SUBJECT_PREFIX) + self.assertEqual( + mail.outbox[0].subject, + '%sERROR: {\'desc\': "Can\'t contact LDAP server"}' % + settings.EMAIL_SUBJECT_PREFIX) def test_no_ldap_connection_raises_error_in_activation(self): vars.QUEUEDUSER.save() @@ -231,4 +276,7 @@ class SignupunitTestsNoLDAP(OkupyTestCase): response = activate(request, vars.QUEUEDUSER.encrypted_id) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertEqual(mail.outbox[0].subject, '%sERROR: {\'desc\': "Can\'t contact LDAP server"}' % settings.EMAIL_SUBJECT_PREFIX) + self.assertEqual( + mail.outbox[0].subject, + '%sERROR: {\'desc\': "Can\'t contact LDAP server"}' % + settings.EMAIL_SUBJECT_PREFIX) diff --git a/okupy/tests/unit/test_ssh.py b/okupy/tests/unit/test_ssh.py index 915be6a..cc4c029 100644 --- a/okupy/tests/unit/test_ssh.py +++ b/okupy/tests/unit/test_ssh.py @@ -6,12 +6,11 @@ from django.test.utils import override_settings import base64 import socket - import paramiko -from ..vars import TEST_SSH_KEY_FOR_NO_USER -from ...common.ssh import ssh_handler, SSHServer -from ...common.exceptions import OkupyError +from okupy import OkupyError +from okupy.common.ssh import ssh_handler, SSHServer +from okupy.tests.vars import TEST_SSH_KEY_FOR_NO_USER @override_settings(SSH_HANDLERS={}) @@ -104,8 +103,8 @@ class SSHUnitTests(TestCase): def onearg(key): raise TypeError - self.assertRaises(TypeError, - self._server.check_auth_publickey, 'onearg', self._key) + self.assertRaises( + TypeError, self._server.check_auth_publickey, 'onearg', self._key) def test_result_caching_works(self): class Cache(object): @@ -120,6 +119,7 @@ class SSHUnitTests(TestCase): return None cache = Cache() + @ssh_handler def cached(key): return cache(key) @@ -170,6 +170,7 @@ class SSHUnitTests(TestCase): return None cache = Cache() + @ssh_handler def cached(key): return cache(key) diff --git a/okupy/tests/vars.py b/okupy/tests/vars.py index c2e9152..8f3645c 100644 --- a/okupy/tests/vars.py +++ b/okupy/tests/vars.py @@ -5,7 +5,7 @@ from django.conf import settings from django.contrib.auth.models import User -from ..accounts.models import Queue +from okupy.accounts.models import Queue # LDAP directory @@ -32,7 +32,15 @@ DIRECTORY = { "gentooRoles": ["kde, qt, cluster"], "gentooLocation": ["City1, Country1"], "gentooACL": ["user.group", "developer.group"], - "sshPublicKey": ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCbtxfr9vRO4xkDuUnsu02rL7BtBiABADkWdugnMxRAV6nKokitytgLGDhjY6iB8C87K8mCxz/ksMO+uct/lUEHMf1M2P1rPEStrJoXQuTXQbtVl7iF5cySbXhtd7Nu7DcXe1cIynVkbFosB2mznr8Db3633DnEslppUGvHdjHYoCAWsjv5juHESkBy62HhYgc1ZoGFj6ilrJhOdHs2ji2YBHJXPG2sB3uQleY5/KfAeSwESBH7D36VqRXf22Ya0nExnVh3h9jtzZmwIll35VHH/G9NmTmW/8lpl7BGV7fx10tByfvSLrQg2ZniiY3SfXdbraVm/FEuJ9+X81jpNQDd", "invalid-key-too-short", "ssh-rsa $$$INVALID%", "invalid-key-type AAAA=="], + "sshPublicKey": ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCbtxfr9vRO4xkD" + "uUnsu02rL7BtBiABADkWdugnMxRAV6nKokitytgLGDhjY6iB8C87" + "K8mCxz/ksMO+uct/lUEHMf1M2P1rPEStrJoXQuTXQbtVl7iF5cyS" + "bXhtd7Nu7DcXe1cIynVkbFosB2mznr8Db3633DnEslppUGvHdjHY" + "oCAWsjv5juHESkBy62HhYgc1ZoGFj6ilrJhOdHs2ji2YBHJXPG2s" + "B3uQleY5/KfAeSwESBH7D36VqRXf22Ya0nExnVh3h9jtzZmwIll3" + "5VHH/G9NmTmW/8lpl7BGV7fx10tByfvSLrQg2ZniiY3SfXdbraVm" + "/FEuJ9+X81jpNQDd", "invalid-key-too-short", + "ssh-rsa $$$INVALID%", "invalid-key-type AAAA=="], }, "uid=bob,ou=people,o=test": { "uid": ["bob"], @@ -47,7 +55,27 @@ DIRECTORY = { "gentoRoles": ["nothing"], "gentooLocation": ["City2, Country2"], "gentooACL": ["user.group", "foundation.group"], - "sshPublicKey": ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUSOgwQ6uljefD9BiwhiGzRGn+sg7D3AKcqU8PWrB+p74n9GBIccc/iSuG458iid08FvUqHjY0RLwMQADND7NOGaEEW0NXbyblA6xZhZu6BgnFC4LZBHy5eok+sWIZddAgT8qAYXMW8GYzUZSPchtOFbMkyzaQlWYkjx1Z0usOdnl/QRPuabFTQjWtJ+lw8hrPydl1ZYP+FIUZy9NU/SxC2qgufmh3+nTzfnfQgupfQc6I9lXNR98vm/t5saVsuQReIIc4sR3mOmT5AnH6uCyjRBKnxq8ndcInfGagwpcx80o6+/V0QNIdr5NP1jRiXDbc/BT8NP/X4mWIpJNEIujj bob@example.com", "ssh-dss AAAAB3NzaC1kc3MAAACBAOpXehglYVU5efZoBGrRKHcsQvlS4jDAFGgsqNRQwM4F7anFIhaEYxs8REEhKNOUXEalFCUegtBxgKjvNRH+MBMJ5o6BAsDuTobwhFS7imcj5JO7QA6kfyNokNkULbqCOfmS9xmFozj2bk0zpKcvW54Zf91dHHT+NsmAXrcIw1onAAAAFQDLARFN4O0wquVKl/XGItngEeQGdwAAAIEAtTP8JkR9XZHkqb0s/uRA+2Wh9uOipc1+IgJn+UX15or2/zuudcG5loaVpDepuLuzhjrn/BZwj1GAncv/AFo4YraATU77HxNEXstHwkf5K8FaJ2f/6bVs7i/P9NS9rXys+HdOiPmAbvv9Hm69jw/Xbwnz752O7gvSNJPWjrC2460AAACBAItwlTJ2aUD7BSgjgaqGOrjUamnIMOi833RCc2XN9F9aY2z8DNr3O7KN5qzTUuLU4ltQbBO9Ct5CZmx785COTkJMXjoYVC7ObfKc8T0xB1FZzf7bIaqcC0dDmfrCzmcQdOTIJvKNlniRBG1XAQ7lf7YvX0We+C14oVU2FhyueoEe", "invalid-key-too-short", "ssh-rsa $$$INVALID%", "invalid-key-type AAAA=="], + "sshPublicKey": ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUSOgwQ6uljefD" + "9BiwhiGzRGn+sg7D3AKcqU8PWrB+p74n9GBIccc/iSuG458iid08" + "FvUqHjY0RLwMQADND7NOGaEEW0NXbyblA6xZhZu6BgnFC4LZBHy5" + "eok+sWIZddAgT8qAYXMW8GYzUZSPchtOFbMkyzaQlWYkjx1Z0usO" + "dnl/QRPuabFTQjWtJ+lw8hrPydl1ZYP+FIUZy9NU/SxC2qgufmh3" + "+nTzfnfQgupfQc6I9lXNR98vm/t5saVsuQReIIc4sR3mOmT5AnH6" + "uCyjRBKnxq8ndcInfGagwpcx80o6+/V0QNIdr5NP1jRiXDbc/BT8" + "NP/X4mWIpJNEIujj bob@example.com", + "ssh-dss AAAAB3NzaC1kc3MAAACBAOpXehglYVU5efZoBGrRKHcs" + "QvlS4jDAFGgsqNRQwM4F7anFIhaEYxs8REEhKNOUXEalFCUegtBx" + "gKjvNRH+MBMJ5o6BAsDuTobwhFS7imcj5JO7QA6kfyNokNkULbqC" + "OfmS9xmFozj2bk0zpKcvW54Zf91dHHT+NsmAXrcIw1onAAAAFQDL" + "ARFN4O0wquVKl/XGItngEeQGdwAAAIEAtTP8JkR9XZHkqb0s/uRA" + "+2Wh9uOipc1+IgJn+UX15or2/zuudcG5loaVpDepuLuzhjrn/BZw" + "j1GAncv/AFo4YraATU77HxNEXstHwkf5K8FaJ2f/6bVs7i/P9NS9" + "rXys+HdOiPmAbvv9Hm69jw/Xbwnz752O7gvSNJPWjrC2460AAACB" + "AItwlTJ2aUD7BSgjgaqGOrjUamnIMOi833RCc2XN9F9aY2z8DNr3" + "O7KN5qzTUuLU4ltQbBO9Ct5CZmx785COTkJMXjoYVC7ObfKc8T0x" + "B1FZzf7bIaqcC0dDmfrCzmcQdOTIJvKNlniRBG1XAQ7lf7YvX0We" + "+C14oVU2FhyueoEe", "invalid-key-too-short", + "ssh-rsa $$$INVALID%", "invalid-key-type AAAA=="], }, "uid=jack,ou=people,o=test": { "uid": ["jack"], @@ -150,4 +178,6 @@ vj3k/SSqj6qjnxryY6QSKWOTRbKhwmRHrrsFRuR2rCZWYZUJ6ohCDYrwVKvs7i2R VNG3Q7+oqLajmyDfZmHkENQ0rCdc -----END CERTIFICATE-----''' -TEST_SSH_KEY_FOR_NO_USER = 'AAAAB3NzaC1yc2EAAAADAQABAAAAYQCXMUpwxMi/01Th94+pP9r3bPGOEejSic7eH1VXHnqHPRFh9rOenSbhWLXwCUcM+0ZMoLmkJ3gMz3IKq2HTJfEwBcW/v/cm5b2lT6biO0u9Q5br4KosNhrvJBZ0f6trkCk=' +TEST_SSH_KEY_FOR_NO_USER = '''AAAAB3NzaC1yc2EAAAADAQABAAAAYQCXMUp +wxMi/01Th94+pP9r3bPGOEejSic7eH1VXHnqHPRFh9rOenSbhWLXwCUcM+0ZMoLmk +J3gMz3IKq2HTJfEwBcW/v/cm5b2lT6biO0u9Q5br4KosNhrvJBZ0f6trkCk=''' diff --git a/okupy/urls.py b/okupy/urls.py index 8e217bf..0a9a7d8 100644 --- a/okupy/urls.py +++ b/okupy/urls.py @@ -1,8 +1,9 @@ # vim:fileencoding=utf8:et:ts=4:sts=4:sw=4:ft=python from django.conf.urls import patterns, include -from .accounts.urls import accounts_urlpatterns +from okupy.accounts.urls import accounts_urlpatterns -urlpatterns = patterns('', +urlpatterns = patterns( + '', (r'^', include(accounts_urlpatterns)), ) diff --git a/okupy/wsgi.py b/okupy/wsgi.py index e2c657e..f1122d6 100644 --- a/okupy/wsgi.py +++ b/okupy/wsgi.py @@ -45,7 +45,7 @@ else: from django.utils import autoreload # autodiscover SSH handlers - import okupy.accounts.ssh + import okupy.accounts.ssh # noqa from okupy.common.ssh import ssh_main import Crypto.Random @@ -16,6 +16,7 @@ setup( keywords='django, ldap, gentoo', packages=find_packages(), include_package_data=True, + test_suite='okupy.tests.runtests', classifiers=[ 'Development Status :: 4 - Beta', 'Environment :: Web Environment', |