2012-09-24 05:48:13 +00:00
|
|
|
from __future__ import unicode_literals
|
|
|
|
|
2015-01-28 12:35:27 +00:00
|
|
|
from django.contrib.auth.handlers.modwsgi import (
|
|
|
|
check_password, groups_for_user,
|
|
|
|
)
|
|
|
|
from django.contrib.auth.models import Group, User
|
|
|
|
from django.test import TransactionTestCase, override_settings
|
2012-09-24 05:48:13 +00:00
|
|
|
|
2016-02-04 16:47:51 +00:00
|
|
|
from .models import CustomUser
|
|
|
|
|
2012-09-24 05:48:13 +00:00
|
|
|
|
2013-06-04 06:09:29 +00:00
|
|
|
# This must be a TransactionTestCase because the WSGI auth handler performs
|
|
|
|
# its own transaction management.
|
2012-09-29 10:10:52 +00:00
|
|
|
class ModWsgiHandlerTestCase(TransactionTestCase):
|
2012-09-24 05:48:13 +00:00
|
|
|
"""
|
|
|
|
Tests for the mod_wsgi authentication handler
|
|
|
|
"""
|
2013-06-04 06:09:29 +00:00
|
|
|
|
|
|
|
available_apps = [
|
|
|
|
'django.contrib.auth',
|
|
|
|
'django.contrib.contenttypes',
|
2016-02-04 16:47:51 +00:00
|
|
|
'auth_tests',
|
2013-06-04 06:09:29 +00:00
|
|
|
]
|
|
|
|
|
2012-09-24 05:48:13 +00:00
|
|
|
def test_check_password(self):
|
|
|
|
"""
|
|
|
|
Verify that check_password returns the correct values as per
|
2016-04-28 14:09:57 +00:00
|
|
|
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
|
2012-09-24 05:48:13 +00:00
|
|
|
"""
|
2012-10-02 16:16:37 +00:00
|
|
|
User.objects.create_user('test', 'test@example.com', 'test')
|
2012-09-24 05:48:13 +00:00
|
|
|
|
|
|
|
# User not in database
|
2014-10-28 10:02:56 +00:00
|
|
|
self.assertIsNone(check_password({}, 'unknown', ''))
|
2012-09-24 05:48:13 +00:00
|
|
|
|
|
|
|
# Valid user with correct password
|
|
|
|
self.assertTrue(check_password({}, 'test', 'test'))
|
|
|
|
|
2012-10-02 16:16:37 +00:00
|
|
|
# correct password, but user is inactive
|
|
|
|
User.objects.filter(username='test').update(is_active=False)
|
|
|
|
self.assertFalse(check_password({}, 'test', 'test'))
|
|
|
|
|
2012-09-24 05:48:13 +00:00
|
|
|
# Valid user with incorrect password
|
|
|
|
self.assertFalse(check_password({}, 'test', 'incorrect'))
|
|
|
|
|
2016-02-04 16:47:51 +00:00
|
|
|
@override_settings(AUTH_USER_MODEL='auth_tests.CustomUser')
|
2012-10-02 16:16:37 +00:00
|
|
|
def test_check_password_custom_user(self):
|
|
|
|
"""
|
|
|
|
Verify that check_password returns the correct values as per
|
2016-04-28 14:09:57 +00:00
|
|
|
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
|
2012-10-02 16:16:37 +00:00
|
|
|
with custom user installed
|
|
|
|
"""
|
|
|
|
|
2013-01-22 11:47:34 +00:00
|
|
|
CustomUser._default_manager.create_user('test@example.com', '1990-01-01', 'test')
|
2012-10-02 16:16:37 +00:00
|
|
|
|
|
|
|
# User not in database
|
2014-10-28 10:02:56 +00:00
|
|
|
self.assertIsNone(check_password({}, 'unknown', ''))
|
2012-10-02 16:16:37 +00:00
|
|
|
|
|
|
|
# Valid user with correct password'
|
|
|
|
self.assertTrue(check_password({}, 'test@example.com', 'test'))
|
|
|
|
|
|
|
|
# Valid user with incorrect password
|
|
|
|
self.assertFalse(check_password({}, 'test@example.com', 'incorrect'))
|
|
|
|
|
2012-09-24 05:48:13 +00:00
|
|
|
def test_groups_for_user(self):
|
|
|
|
"""
|
|
|
|
Check that groups_for_user returns correct values as per
|
2016-04-28 14:09:57 +00:00
|
|
|
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-group-authorisation
|
2012-09-24 05:48:13 +00:00
|
|
|
"""
|
2012-10-02 16:16:37 +00:00
|
|
|
user1 = User.objects.create_user('test', 'test@example.com', 'test')
|
|
|
|
User.objects.create_user('test1', 'test1@example.com', 'test1')
|
|
|
|
group = Group.objects.create(name='test_group')
|
|
|
|
user1.groups.add(group)
|
2012-09-24 05:48:13 +00:00
|
|
|
|
|
|
|
# User not in database
|
|
|
|
self.assertEqual(groups_for_user({}, 'unknown'), [])
|
|
|
|
|
|
|
|
self.assertEqual(groups_for_user({}, 'test'), [b'test_group'])
|
|
|
|
self.assertEqual(groups_for_user({}, 'test1'), [])
|