##// END OF EJS Templates
jro_apps » redmine
RSS
Add some tests for User#try_to_login with LDAP. #5592...
Eric Davis -
r3705:6ef240841cff
parent child
Show More
Side by Side Unified
Context file:
r3705:6ef240841cff Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,372 +1,387
1 1 # redMine - project management software
2 2 # Copyright (C) 2006 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.dirname(__FILE__) + '/../test_helper'
19 19
20 20 class UserTest < ActiveSupport::TestCase
21 21 fixtures :users, :members, :projects, :roles, :member_roles, :auth_sources
22 22
23 23 def setup
24 24 @admin = User.find(1)
25 25 @jsmith = User.find(2)
26 26 @dlopper = User.find(3)
27 27 end
28 28
29 29 test 'object_daddy creation' do
30 30 User.generate_with_protected!(:firstname => 'Testing connection')
31 31 User.generate_with_protected!(:firstname => 'Testing connection')
32 32 assert_equal 2, User.count(:all, :conditions => {:firstname => 'Testing connection'})
33 33 end
34 34
35 35 def test_truth
36 36 assert_kind_of User, @jsmith
37 37 end
38 38
39 39 def test_create
40 40 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
41 41
42 42 user.login = "jsmith"
43 43 user.password, user.password_confirmation = "password", "password"
44 44 # login uniqueness
45 45 assert !user.save
46 46 assert_equal 1, user.errors.count
47 47
48 48 user.login = "newuser"
49 49 user.password, user.password_confirmation = "passwd", "password"
50 50 # password confirmation
51 51 assert !user.save
52 52 assert_equal 1, user.errors.count
53 53
54 54 user.password, user.password_confirmation = "password", "password"
55 55 assert user.save
56 56 end
57 57
58 58 context "User.login" do
59 59 should "be case-insensitive." do
60 60 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
61 61 u.login = 'newuser'
62 62 u.password, u.password_confirmation = "password", "password"
63 63 assert u.save
64 64
65 65 u = User.new(:firstname => "Similar", :lastname => "User", :mail => "similaruser@somenet.foo")
66 66 u.login = 'NewUser'
67 67 u.password, u.password_confirmation = "password", "password"
68 68 assert !u.save
69 69 assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:login)
70 70 end
71 71 end
72 72
73 73 def test_mail_uniqueness_should_not_be_case_sensitive
74 74 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
75 75 u.login = 'newuser1'
76 76 u.password, u.password_confirmation = "password", "password"
77 77 assert u.save
78 78
79 79 u = User.new(:firstname => "new", :lastname => "user", :mail => "newUser@Somenet.foo")
80 80 u.login = 'newuser2'
81 81 u.password, u.password_confirmation = "password", "password"
82 82 assert !u.save
83 83 assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:mail)
84 84 end
85 85
86 86 def test_update
87 87 assert_equal "admin", @admin.login
88 88 @admin.login = "john"
89 89 assert @admin.save, @admin.errors.full_messages.join("; ")
90 90 @admin.reload
91 91 assert_equal "john", @admin.login
92 92 end
93 93
94 94 def test_destroy
95 95 User.find(2).destroy
96 96 assert_nil User.find_by_id(2)
97 97 assert Member.find_all_by_user_id(2).empty?
98 98 end
99 99
100 100 def test_validate
101 101 @admin.login = ""
102 102 assert !@admin.save
103 103 assert_equal 1, @admin.errors.count
104 104 end
105 105
106 106 context "User#try_to_login" do
107 107 should "fall-back to case-insensitive if user login is not found as-typed." do
108 108 user = User.try_to_login("AdMin", "admin")
109 109 assert_kind_of User, user
110 110 assert_equal "admin", user.login
111 111 end
112 112
113 113 should "select the exact matching user first" do
114 114 case_sensitive_user = User.generate_with_protected!(:login => 'changed', :password => 'admin', :password_confirmation => 'admin')
115 115 # bypass validations to make it appear like existing data
116 116 case_sensitive_user.update_attribute(:login, 'ADMIN')
117 117
118 118 user = User.try_to_login("ADMIN", "admin")
119 119 assert_kind_of User, user
120 120 assert_equal "ADMIN", user.login
121 121
122 122 end
123 123 end
124 124
125 125 def test_password
126 126 user = User.try_to_login("admin", "admin")
127 127 assert_kind_of User, user
128 128 assert_equal "admin", user.login
129 129 user.password = "hello"
130 130 assert user.save
131 131
132 132 user = User.try_to_login("admin", "hello")
133 133 assert_kind_of User, user
134 134 assert_equal "admin", user.login
135 135 assert_equal User.hash_password("hello"), user.hashed_password
136 136 end
137 137
138 138 def test_name_format
139 139 assert_equal 'Smith, John', @jsmith.name(:lastname_coma_firstname)
140 140 Setting.user_format = :firstname_lastname
141 141 assert_equal 'John Smith', @jsmith.reload.name
142 142 Setting.user_format = :username
143 143 assert_equal 'jsmith', @jsmith.reload.name
144 144 end
145 145
146 146 def test_lock
147 147 user = User.try_to_login("jsmith", "jsmith")
148 148 assert_equal @jsmith, user
149 149
150 150 @jsmith.status = User::STATUS_LOCKED
151 151 assert @jsmith.save
152 152
153 153 user = User.try_to_login("jsmith", "jsmith")
154 154 assert_equal nil, user
155 155 end
156 156
157 157 if ldap_configured?
158 158 context "#try_to_login using LDAP" do
159 context "with failed connection to the LDAP server" do
160 should "return nil" do
161 @auth_source = AuthSourceLdap.find(1)
162 AuthSource.any_instance.stubs(:initialize_ldap_con).raises(Net::LDAP::LdapError, 'Cannot connect')
163
164 assert_equal nil, User.try_to_login('edavis', 'wrong')
165 end
166 end
167
168 context "with an unsuccessful authentication" do
169 should "return nil" do
170 assert_equal nil, User.try_to_login('edavis', 'wrong')
171 end
172 end
173
159 174 context "on the fly registration" do
160 175 setup do
161 176 @auth_source = AuthSourceLdap.find(1)
162 177 end
163 178
164 179 context "with a successful authentication" do
165 180 should "create a new user account if it doesn't exist" do
166 181 assert_difference('User.count') do
167 182 user = User.try_to_login('edavis', '123456')
168 183 assert !user.admin?
169 184 end
170 185 end
171 186
172 187 should "retrieve existing user" do
173 188 user = User.try_to_login('edavis', '123456')
174 189 user.admin = true
175 190 user.save!
176 191
177 192 assert_no_difference('User.count') do
178 193 user = User.try_to_login('edavis', '123456')
179 194 assert user.admin?
180 195 end
181 196 end
182 197 end
183 198 end
184 199 end
185 200
186 201 else
187 202 puts "Skipping LDAP tests."
188 203 end
189 204
190 205 def test_create_anonymous
191 206 AnonymousUser.delete_all
192 207 anon = User.anonymous
193 208 assert !anon.new_record?
194 209 assert_kind_of AnonymousUser, anon
195 210 end
196 211
197 212 should_have_one :rss_token
198 213
199 214 def test_rss_key
200 215 assert_nil @jsmith.rss_token
201 216 key = @jsmith.rss_key
202 217 assert_equal 40, key.length
203 218
204 219 @jsmith.reload
205 220 assert_equal key, @jsmith.rss_key
206 221 end
207 222
208 223
209 224 should_have_one :api_token
210 225
211 226 context "User#api_key" do
212 227 should "generate a new one if the user doesn't have one" do
213 228 user = User.generate_with_protected!(:api_token => nil)
214 229 assert_nil user.api_token
215 230
216 231 key = user.api_key
217 232 assert_equal 40, key.length
218 233 user.reload
219 234 assert_equal key, user.api_key
220 235 end
221 236
222 237 should "return the existing api token value" do
223 238 user = User.generate_with_protected!
224 239 token = Token.generate!(:action => 'api')
225 240 user.api_token = token
226 241 assert user.save
227 242
228 243 assert_equal token.value, user.api_key
229 244 end
230 245 end
231 246
232 247 context "User#find_by_api_key" do
233 248 should "return nil if no matching key is found" do
234 249 assert_nil User.find_by_api_key('zzzzzzzzz')
235 250 end
236 251
237 252 should "return nil if the key is found for an inactive user" do
238 253 user = User.generate_with_protected!(:status => User::STATUS_LOCKED)
239 254 token = Token.generate!(:action => 'api')
240 255 user.api_token = token
241 256 user.save
242 257
243 258 assert_nil User.find_by_api_key(token.value)
244 259 end
245 260
246 261 should "return the user if the key is found for an active user" do
247 262 user = User.generate_with_protected!(:status => User::STATUS_ACTIVE)
248 263 token = Token.generate!(:action => 'api')
249 264 user.api_token = token
250 265 user.save
251 266
252 267 assert_equal user, User.find_by_api_key(token.value)
253 268 end
254 269 end
255 270
256 271 def test_roles_for_project
257 272 # user with a role
258 273 roles = @jsmith.roles_for_project(Project.find(1))
259 274 assert_kind_of Role, roles.first
260 275 assert_equal "Manager", roles.first.name
261 276
262 277 # user with no role
263 278 assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?}
264 279 end
265 280
266 281 def test_mail_notification_all
267 282 @jsmith.mail_notification = true
268 283 @jsmith.notified_project_ids = []
269 284 @jsmith.save
270 285 @jsmith.reload
271 286 assert @jsmith.projects.first.recipients.include?(@jsmith.mail)
272 287 end
273 288
274 289 def test_mail_notification_selected
275 290 @jsmith.mail_notification = false
276 291 @jsmith.notified_project_ids = [1]
277 292 @jsmith.save
278 293 @jsmith.reload
279 294 assert Project.find(1).recipients.include?(@jsmith.mail)
280 295 end
281 296
282 297 def test_mail_notification_none
283 298 @jsmith.mail_notification = false
284 299 @jsmith.notified_project_ids = []
285 300 @jsmith.save
286 301 @jsmith.reload
287 302 assert !@jsmith.projects.first.recipients.include?(@jsmith.mail)
288 303 end
289 304
290 305 def test_comments_sorting_preference
291 306 assert !@jsmith.wants_comments_in_reverse_order?
292 307 @jsmith.pref.comments_sorting = 'asc'
293 308 assert !@jsmith.wants_comments_in_reverse_order?
294 309 @jsmith.pref.comments_sorting = 'desc'
295 310 assert @jsmith.wants_comments_in_reverse_order?
296 311 end
297 312
298 313 def test_find_by_mail_should_be_case_insensitive
299 314 u = User.find_by_mail('JSmith@somenet.foo')
300 315 assert_not_nil u
301 316 assert_equal 'jsmith@somenet.foo', u.mail
302 317 end
303 318
304 319 def test_random_password
305 320 u = User.new
306 321 u.random_password
307 322 assert !u.password.blank?
308 323 assert !u.password_confirmation.blank?
309 324 end
310 325
311 326 context "#change_password_allowed?" do
312 327 should "be allowed if no auth source is set" do
313 328 user = User.generate_with_protected!
314 329 assert user.change_password_allowed?
315 330 end
316 331
317 332 should "delegate to the auth source" do
318 333 user = User.generate_with_protected!
319 334
320 335 allowed_auth_source = AuthSource.generate!
321 336 def allowed_auth_source.allow_password_changes?; true; end
322 337
323 338 denied_auth_source = AuthSource.generate!
324 339 def denied_auth_source.allow_password_changes?; false; end
325 340
326 341 assert user.change_password_allowed?
327 342
328 343 user.auth_source = allowed_auth_source
329 344 assert user.change_password_allowed?, "User not allowed to change password, though auth source does"
330 345
331 346 user.auth_source = denied_auth_source
332 347 assert !user.change_password_allowed?, "User allowed to change password, though auth source does not"
333 348 end
334 349
335 350 end
336 351
337 352 if Object.const_defined?(:OpenID)
338 353
339 354 def test_setting_identity_url
340 355 normalized_open_id_url = 'http://example.com/'
341 356 u = User.new( :identity_url => 'http://example.com/' )
342 357 assert_equal normalized_open_id_url, u.identity_url
343 358 end
344 359
345 360 def test_setting_identity_url_without_trailing_slash
346 361 normalized_open_id_url = 'http://example.com/'
347 362 u = User.new( :identity_url => 'http://example.com' )
348 363 assert_equal normalized_open_id_url, u.identity_url
349 364 end
350 365
351 366 def test_setting_identity_url_without_protocol
352 367 normalized_open_id_url = 'http://example.com/'
353 368 u = User.new( :identity_url => 'example.com' )
354 369 assert_equal normalized_open_id_url, u.identity_url
355 370 end
356 371
357 372 def test_setting_blank_identity_url
358 373 u = User.new( :identity_url => 'example.com' )
359 374 u.identity_url = ''
360 375 assert u.identity_url.blank?
361 376 end
362 377
363 378 def test_setting_invalid_identity_url
364 379 u = User.new( :identity_url => 'this is not an openid url' )
365 380 assert u.identity_url.blank?
366 381 end
367 382
368 383 else
369 384 puts "Skipping openid tests."
370 385 end
371 386
372 387 end
General Comments 0
You need to be logged in to leave comments. Login now