2022-02-03 20:24:19 +01:00
|
|
|
from django.contrib.auth.handlers.modwsgi import check_password, groups_for_user
|
2015-01-28 07:35:27 -05:00
|
|
|
from django.contrib.auth.models import Group, User
|
|
|
|
from django.test import TransactionTestCase, override_settings
|
2012-09-23 22:48:13 -07:00
|
|
|
|
2016-02-04 11:47:51 -05:00
|
|
|
from .models import CustomUser
|
|
|
|
|
2012-09-23 22:48:13 -07:00
|
|
|
|
2013-06-04 08:09:29 +02:00
|
|
|
# This must be a TransactionTestCase because the WSGI auth handler performs
|
|
|
|
# its own transaction management.
|
2012-09-29 12:10:52 +02:00
|
|
|
class ModWsgiHandlerTestCase(TransactionTestCase):
|
2012-09-23 22:48:13 -07:00
|
|
|
"""
|
|
|
|
Tests for the mod_wsgi authentication handler
|
|
|
|
"""
|
2013-06-04 08:09:29 +02:00
|
|
|
|
|
|
|
available_apps = [
|
2022-02-03 20:24:19 +01:00
|
|
|
"django.contrib.auth",
|
|
|
|
"django.contrib.contenttypes",
|
|
|
|
"auth_tests",
|
2013-06-04 08:09:29 +02:00
|
|
|
]
|
|
|
|
|
2012-09-23 22:48:13 -07:00
|
|
|
def test_check_password(self):
|
|
|
|
"""
|
2016-10-27 14:53:39 +07:00
|
|
|
check_password() returns the correct values as per
|
2016-04-28 10:09:57 -04:00
|
|
|
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
|
2012-09-23 22:48:13 -07:00
|
|
|
"""
|
2022-02-03 20:24:19 +01:00
|
|
|
User.objects.create_user("test", "test@example.com", "test")
|
2012-09-23 22:48:13 -07:00
|
|
|
|
|
|
|
# User not in database
|
2022-02-03 20:24:19 +01:00
|
|
|
self.assertIsNone(check_password({}, "unknown", ""))
|
2012-09-23 22:48:13 -07:00
|
|
|
|
|
|
|
# Valid user with correct password
|
2022-02-03 20:24:19 +01:00
|
|
|
self.assertTrue(check_password({}, "test", "test"))
|
2012-09-23 22:48:13 -07:00
|
|
|
|
2012-10-02 09:16:37 -07:00
|
|
|
# correct password, but user is inactive
|
2022-02-03 20:24:19 +01:00
|
|
|
User.objects.filter(username="test").update(is_active=False)
|
|
|
|
self.assertFalse(check_password({}, "test", "test"))
|
2012-10-02 09:16:37 -07:00
|
|
|
|
2012-09-23 22:48:13 -07:00
|
|
|
# Valid user with incorrect password
|
2022-02-03 20:24:19 +01:00
|
|
|
self.assertFalse(check_password({}, "test", "incorrect"))
|
2012-09-23 22:48:13 -07:00
|
|
|
|
2022-02-03 20:24:19 +01:00
|
|
|
@override_settings(AUTH_USER_MODEL="auth_tests.CustomUser")
|
2012-10-02 09:16:37 -07:00
|
|
|
def test_check_password_custom_user(self):
|
|
|
|
"""
|
2016-10-27 14:53:39 +07:00
|
|
|
check_password() returns the correct values as per
|
2016-04-28 10:09:57 -04:00
|
|
|
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
|
2016-10-27 14:53:39 +07:00
|
|
|
with a custom user installed.
|
2012-10-02 09:16:37 -07:00
|
|
|
"""
|
2022-02-03 20:24:19 +01:00
|
|
|
CustomUser._default_manager.create_user(
|
|
|
|
"test@example.com", "1990-01-01", "test"
|
|
|
|
)
|
2012-10-02 09:16:37 -07:00
|
|
|
|
|
|
|
# User not in database
|
2022-02-03 20:24:19 +01:00
|
|
|
self.assertIsNone(check_password({}, "unknown", ""))
|
2012-10-02 09:16:37 -07:00
|
|
|
|
|
|
|
# Valid user with correct password'
|
2022-02-03 20:24:19 +01:00
|
|
|
self.assertTrue(check_password({}, "test@example.com", "test"))
|
2012-10-02 09:16:37 -07:00
|
|
|
|
|
|
|
# Valid user with incorrect password
|
2022-02-03 20:24:19 +01:00
|
|
|
self.assertFalse(check_password({}, "test@example.com", "incorrect"))
|
2012-10-02 09:16:37 -07:00
|
|
|
|
2012-09-23 22:48:13 -07:00
|
|
|
def test_groups_for_user(self):
|
|
|
|
"""
|
2016-10-27 14:53:39 +07:00
|
|
|
groups_for_user() returns correct values as per
|
2016-04-28 10:09:57 -04:00
|
|
|
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-group-authorisation
|
2012-09-23 22:48:13 -07:00
|
|
|
"""
|
2022-02-03 20:24:19 +01:00
|
|
|
user1 = User.objects.create_user("test", "test@example.com", "test")
|
|
|
|
User.objects.create_user("test1", "test1@example.com", "test1")
|
|
|
|
group = Group.objects.create(name="test_group")
|
2012-10-02 09:16:37 -07:00
|
|
|
user1.groups.add(group)
|
2012-09-23 22:48:13 -07:00
|
|
|
|
|
|
|
# User not in database
|
2022-02-03 20:24:19 +01:00
|
|
|
self.assertEqual(groups_for_user({}, "unknown"), [])
|
2012-09-23 22:48:13 -07:00
|
|
|
|
2022-02-03 20:24:19 +01:00
|
|
|
self.assertEqual(groups_for_user({}, "test"), [b"test_group"])
|
|
|
|
self.assertEqual(groups_for_user({}, "test1"), [])
|