Check that admin LDAP user is untouched after authentication (#5263)....
Jean-Philippe Lang -
r3520:9306f3ea6c4f
@@ -1,300 +1,312
1 # redMine - project management software
1 # redMine - project management software
2 # Copyright (C) 2006 Jean-Philippe Lang
2 # Copyright (C) 2006 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 require File.dirname(__FILE__) + '/../test_helper'
18 require File.dirname(__FILE__) + '/../test_helper'
19
19
20 class UserTest < ActiveSupport::TestCase
20 class UserTest < ActiveSupport::TestCase
21 fixtures :users, :members, :projects, :roles, :member_roles, :auth_sources
21 fixtures :users, :members, :projects, :roles, :member_roles, :auth_sources
22
22
23 def setup
23 def setup
24 @admin = User.find(1)
24 @admin = User.find(1)
25 @jsmith = User.find(2)
25 @jsmith = User.find(2)
26 @dlopper = User.find(3)
26 @dlopper = User.find(3)
27 end
27 end
28
28
29 test 'object_daddy creation' do
29 test 'object_daddy creation' do
30 User.generate_with_protected!(:firstname => 'Testing connection')
30 User.generate_with_protected!(:firstname => 'Testing connection')
31 User.generate_with_protected!(:firstname => 'Testing connection')
31 User.generate_with_protected!(:firstname => 'Testing connection')
32 assert_equal 2, User.count(:all, :conditions => {:firstname => 'Testing connection'})
32 assert_equal 2, User.count(:all, :conditions => {:firstname => 'Testing connection'})
33 end
33 end
34
34
35 def test_truth
35 def test_truth
36 assert_kind_of User, @jsmith
36 assert_kind_of User, @jsmith
37 end
37 end
38
38
39 def test_create
39 def test_create
40 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
40 user = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
41
41
42 user.login = "jsmith"
42 user.login = "jsmith"
43 user.password, user.password_confirmation = "password", "password"
43 user.password, user.password_confirmation = "password", "password"
44 # login uniqueness
44 # login uniqueness
45 assert !user.save
45 assert !user.save
46 assert_equal 1, user.errors.count
46 assert_equal 1, user.errors.count
47
47
48 user.login = "newuser"
48 user.login = "newuser"
49 user.password, user.password_confirmation = "passwd", "password"
49 user.password, user.password_confirmation = "passwd", "password"
50 # password confirmation
50 # password confirmation
51 assert !user.save
51 assert !user.save
52 assert_equal 1, user.errors.count
52 assert_equal 1, user.errors.count
53
53
54 user.password, user.password_confirmation = "password", "password"
54 user.password, user.password_confirmation = "password", "password"
55 assert user.save
55 assert user.save
56 end
56 end
57
57
58 def test_mail_uniqueness_should_not_be_case_sensitive
58 def test_mail_uniqueness_should_not_be_case_sensitive
59 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
59 u = User.new(:firstname => "new", :lastname => "user", :mail => "newuser@somenet.foo")
60 u.login = 'newuser1'
60 u.login = 'newuser1'
61 u.password, u.password_confirmation = "password", "password"
61 u.password, u.password_confirmation = "password", "password"
62 assert u.save
62 assert u.save
63
63
64 u = User.new(:firstname => "new", :lastname => "user", :mail => "newUser@Somenet.foo")
64 u = User.new(:firstname => "new", :lastname => "user", :mail => "newUser@Somenet.foo")
65 u.login = 'newuser2'
65 u.login = 'newuser2'
66 u.password, u.password_confirmation = "password", "password"
66 u.password, u.password_confirmation = "password", "password"
67 assert !u.save
67 assert !u.save
68 assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:mail)
68 assert_equal I18n.translate('activerecord.errors.messages.taken'), u.errors.on(:mail)
69 end
69 end
70
70
71 def test_update
71 def test_update
72 assert_equal "admin", @admin.login
72 assert_equal "admin", @admin.login
73 @admin.login = "john"
73 @admin.login = "john"
74 assert @admin.save, @admin.errors.full_messages.join("; ")
74 assert @admin.save, @admin.errors.full_messages.join("; ")
75 @admin.reload
75 @admin.reload
76 assert_equal "john", @admin.login
76 assert_equal "john", @admin.login
77 end
77 end
78
78
79 def test_destroy
79 def test_destroy
80 User.find(2).destroy
80 User.find(2).destroy
81 assert_nil User.find_by_id(2)
81 assert_nil User.find_by_id(2)
82 assert Member.find_all_by_user_id(2).empty?
82 assert Member.find_all_by_user_id(2).empty?
83 end
83 end
84
84
85 def test_validate
85 def test_validate
86 @admin.login = ""
86 @admin.login = ""
87 assert !@admin.save
87 assert !@admin.save
88 assert_equal 1, @admin.errors.count
88 assert_equal 1, @admin.errors.count
89 end
89 end
90
90
91 def test_password
91 def test_password
92 user = User.try_to_login("admin", "admin")
92 user = User.try_to_login("admin", "admin")
93 assert_kind_of User, user
93 assert_kind_of User, user
94 assert_equal "admin", user.login
94 assert_equal "admin", user.login
95 user.password = "hello"
95 user.password = "hello"
96 assert user.save
96 assert user.save
97
97
98 user = User.try_to_login("admin", "hello")
98 user = User.try_to_login("admin", "hello")
99 assert_kind_of User, user
99 assert_kind_of User, user
100 assert_equal "admin", user.login
100 assert_equal "admin", user.login
101 assert_equal User.hash_password("hello"), user.hashed_password
101 assert_equal User.hash_password("hello"), user.hashed_password
102 end
102 end
103
103
104 def test_name_format
104 def test_name_format
105 assert_equal 'Smith, John', @jsmith.name(:lastname_coma_firstname)
105 assert_equal 'Smith, John', @jsmith.name(:lastname_coma_firstname)
106 Setting.user_format = :firstname_lastname
106 Setting.user_format = :firstname_lastname
107 assert_equal 'John Smith', @jsmith.reload.name
107 assert_equal 'John Smith', @jsmith.reload.name
108 Setting.user_format = :username
108 Setting.user_format = :username
109 assert_equal 'jsmith', @jsmith.reload.name
109 assert_equal 'jsmith', @jsmith.reload.name
110 end
110 end
111
111
112 def test_lock
112 def test_lock
113 user = User.try_to_login("jsmith", "jsmith")
113 user = User.try_to_login("jsmith", "jsmith")
114 assert_equal @jsmith, user
114 assert_equal @jsmith, user
115
115
116 @jsmith.status = User::STATUS_LOCKED
116 @jsmith.status = User::STATUS_LOCKED
117 assert @jsmith.save
117 assert @jsmith.save
118
118
119 user = User.try_to_login("jsmith", "jsmith")
119 user = User.try_to_login("jsmith", "jsmith")
120 assert_equal nil, user
120 assert_equal nil, user
121 end
121 end
122
122
123 if ldap_configured?
123 if ldap_configured?
124 context "#try_to_login using LDAP" do
124 context "#try_to_login using LDAP" do
125 context "on the fly registration" do
125 context "on the fly registration" do
126 setup do
126 setup do
127 @auth_source = AuthSourceLdap.find(1)
127 @auth_source = AuthSourceLdap.find(1)
128 end
128 end
129
129
130 context "with a successful authentication" do
130 context "with a successful authentication" do
131 should "create a new user account" do
131 should "create a new user account if it doesn't exist" do
132 assert_difference('User.count') do
132 assert_difference('User.count') do
133 User.try_to_login('edavis', '123456')
133 user = User.try_to_login('edavis', '123456')
134 assert !user.admin?
135 end
136 end
137
138 should "retrieve existing user" do
139 user = User.try_to_login('edavis', '123456')
140 user.admin = true
141 user.save!
142
143 assert_no_difference('User.count') do
144 user = User.try_to_login('edavis', '123456')
145 assert user.admin?
134 end
146 end
135 end
147 end
136 end
148 end
137 end
149 end
138 end
150 end
139
151
140 else
152 else
141 puts "Skipping LDAP tests."
153 puts "Skipping LDAP tests."
142 end
154 end
143
155
144 def test_create_anonymous
156 def test_create_anonymous
145 AnonymousUser.delete_all
157 AnonymousUser.delete_all
146 anon = User.anonymous
158 anon = User.anonymous
147 assert !anon.new_record?
159 assert !anon.new_record?
148 assert_kind_of AnonymousUser, anon
160 assert_kind_of AnonymousUser, anon
149 end
161 end
150
162
151 should_have_one :rss_token
163 should_have_one :rss_token
152
164
153 def test_rss_key
165 def test_rss_key
154 assert_nil @jsmith.rss_token
166 assert_nil @jsmith.rss_token
155 key = @jsmith.rss_key
167 key = @jsmith.rss_key
156 assert_equal 40, key.length
168 assert_equal 40, key.length
157
169
158 @jsmith.reload
170 @jsmith.reload
159 assert_equal key, @jsmith.rss_key
171 assert_equal key, @jsmith.rss_key
160 end
172 end
161
173
162
174
163 should_have_one :api_token
175 should_have_one :api_token
164
176
165 context "User#api_key" do
177 context "User#api_key" do
166 should "generate a new one if the user doesn't have one" do
178 should "generate a new one if the user doesn't have one" do
167 user = User.generate_with_protected!(:api_token => nil)
179 user = User.generate_with_protected!(:api_token => nil)
168 assert_nil user.api_token
180 assert_nil user.api_token
169
181
170 key = user.api_key
182 key = user.api_key
171 assert_equal 40, key.length
183 assert_equal 40, key.length
172 user.reload
184 user.reload
173 assert_equal key, user.api_key
185 assert_equal key, user.api_key
174 end
186 end
175
187
176 should "return the existing api token value" do
188 should "return the existing api token value" do
177 user = User.generate_with_protected!
189 user = User.generate_with_protected!
178 token = Token.generate!(:action => 'api')
190 token = Token.generate!(:action => 'api')
179 user.api_token = token
191 user.api_token = token
180 assert user.save
192 assert user.save
181
193
182 assert_equal token.value, user.api_key
194 assert_equal token.value, user.api_key
183 end
195 end
184 end
196 end
185
197
186 context "User#find_by_api_key" do
198 context "User#find_by_api_key" do
187 should "return nil if no matching key is found" do
199 should "return nil if no matching key is found" do
188 assert_nil User.find_by_api_key('zzzzzzzzz')
200 assert_nil User.find_by_api_key('zzzzzzzzz')
189 end
201 end
190
202
191 should "return nil if the key is found for an inactive user" do
203 should "return nil if the key is found for an inactive user" do
192 user = User.generate_with_protected!(:status => User::STATUS_LOCKED)
204 user = User.generate_with_protected!(:status => User::STATUS_LOCKED)
193 token = Token.generate!(:action => 'api')
205 token = Token.generate!(:action => 'api')
194 user.api_token = token
206 user.api_token = token
195 user.save
207 user.save
196
208
197 assert_nil User.find_by_api_key(token.value)
209 assert_nil User.find_by_api_key(token.value)
198 end
210 end
199
211
200 should "return the user if the key is found for an active user" do
212 should "return the user if the key is found for an active user" do
201 user = User.generate_with_protected!(:status => User::STATUS_ACTIVE)
213 user = User.generate_with_protected!(:status => User::STATUS_ACTIVE)
202 token = Token.generate!(:action => 'api')
214 token = Token.generate!(:action => 'api')
203 user.api_token = token
215 user.api_token = token
204 user.save
216 user.save
205
217
206 assert_equal user, User.find_by_api_key(token.value)
218 assert_equal user, User.find_by_api_key(token.value)
207 end
219 end
208 end
220 end
209
221
210 def test_roles_for_project
222 def test_roles_for_project
211 # user with a role
223 # user with a role
212 roles = @jsmith.roles_for_project(Project.find(1))
224 roles = @jsmith.roles_for_project(Project.find(1))
213 assert_kind_of Role, roles.first
225 assert_kind_of Role, roles.first
214 assert_equal "Manager", roles.first.name
226 assert_equal "Manager", roles.first.name
215
227
216 # user with no role
228 # user with no role
217 assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?}
229 assert_nil @dlopper.roles_for_project(Project.find(2)).detect {|role| role.member?}
218 end
230 end
219
231
220 def test_mail_notification_all
232 def test_mail_notification_all
221 @jsmith.mail_notification = true
233 @jsmith.mail_notification = true
222 @jsmith.notified_project_ids = []
234 @jsmith.notified_project_ids = []
223 @jsmith.save
235 @jsmith.save
224 @jsmith.reload
236 @jsmith.reload
225 assert @jsmith.projects.first.recipients.include?(@jsmith.mail)
237 assert @jsmith.projects.first.recipients.include?(@jsmith.mail)
226 end
238 end
227
239
228 def test_mail_notification_selected
240 def test_mail_notification_selected
229 @jsmith.mail_notification = false
241 @jsmith.mail_notification = false
230 @jsmith.notified_project_ids = [1]
242 @jsmith.notified_project_ids = [1]
231 @jsmith.save
243 @jsmith.save
232 @jsmith.reload
244 @jsmith.reload
233 assert Project.find(1).recipients.include?(@jsmith.mail)
245 assert Project.find(1).recipients.include?(@jsmith.mail)
234 end
246 end
235
247
236 def test_mail_notification_none
248 def test_mail_notification_none
237 @jsmith.mail_notification = false
249 @jsmith.mail_notification = false
238 @jsmith.notified_project_ids = []
250 @jsmith.notified_project_ids = []
239 @jsmith.save
251 @jsmith.save
240 @jsmith.reload
252 @jsmith.reload
241 assert !@jsmith.projects.first.recipients.include?(@jsmith.mail)
253 assert !@jsmith.projects.first.recipients.include?(@jsmith.mail)
242 end
254 end
243
255
244 def test_comments_sorting_preference
256 def test_comments_sorting_preference
245 assert !@jsmith.wants_comments_in_reverse_order?
257 assert !@jsmith.wants_comments_in_reverse_order?
246 @jsmith.pref.comments_sorting = 'asc'
258 @jsmith.pref.comments_sorting = 'asc'
247 assert !@jsmith.wants_comments_in_reverse_order?
259 assert !@jsmith.wants_comments_in_reverse_order?
248 @jsmith.pref.comments_sorting = 'desc'
260 @jsmith.pref.comments_sorting = 'desc'
249 assert @jsmith.wants_comments_in_reverse_order?
261 assert @jsmith.wants_comments_in_reverse_order?
250 end
262 end
251
263
252 def test_find_by_mail_should_be_case_insensitive
264 def test_find_by_mail_should_be_case_insensitive
253 u = User.find_by_mail('JSmith@somenet.foo')
265 u = User.find_by_mail('JSmith@somenet.foo')
254 assert_not_nil u
266 assert_not_nil u
255 assert_equal 'jsmith@somenet.foo', u.mail
267 assert_equal 'jsmith@somenet.foo', u.mail
256 end
268 end
257
269
258 def test_random_password
270 def test_random_password
259 u = User.new
271 u = User.new
260 u.random_password
272 u.random_password
261 assert !u.password.blank?
273 assert !u.password.blank?
262 assert !u.password_confirmation.blank?
274 assert !u.password_confirmation.blank?
263 end
275 end
264
276
265 if Object.const_defined?(:OpenID)
277 if Object.const_defined?(:OpenID)
266
278
267 def test_setting_identity_url
279 def test_setting_identity_url
268 normalized_open_id_url = 'http://example.com/'
280 normalized_open_id_url = 'http://example.com/'
269 u = User.new( :identity_url => 'http://example.com/' )
281 u = User.new( :identity_url => 'http://example.com/' )
270 assert_equal normalized_open_id_url, u.identity_url
282 assert_equal normalized_open_id_url, u.identity_url
271 end
283 end
272
284
273 def test_setting_identity_url_without_trailing_slash
285 def test_setting_identity_url_without_trailing_slash
274 normalized_open_id_url = 'http://example.com/'
286 normalized_open_id_url = 'http://example.com/'
275 u = User.new( :identity_url => 'http://example.com' )
287 u = User.new( :identity_url => 'http://example.com' )
276 assert_equal normalized_open_id_url, u.identity_url
288 assert_equal normalized_open_id_url, u.identity_url
277 end
289 end
278
290
279 def test_setting_identity_url_without_protocol
291 def test_setting_identity_url_without_protocol
280 normalized_open_id_url = 'http://example.com/'
292 normalized_open_id_url = 'http://example.com/'
281 u = User.new( :identity_url => 'example.com' )
293 u = User.new( :identity_url => 'example.com' )
282 assert_equal normalized_open_id_url, u.identity_url
294 assert_equal normalized_open_id_url, u.identity_url
283 end
295 end
284
296
285 def test_setting_blank_identity_url
297 def test_setting_blank_identity_url
286 u = User.new( :identity_url => 'example.com' )
298 u = User.new( :identity_url => 'example.com' )
287 u.identity_url = ''
299 u.identity_url = ''
288 assert u.identity_url.blank?
300 assert u.identity_url.blank?
289 end
301 end
290
302
291 def test_setting_invalid_identity_url
303 def test_setting_invalid_identity_url
292 u = User.new( :identity_url => 'this is not an openid url' )
304 u = User.new( :identity_url => 'this is not an openid url' )
293 assert u.identity_url.blank?
305 assert u.identity_url.blank?
294 end
306 end
295
307
296 else
308 else
297 puts "Skipping openid tests."
309 puts "Skipping openid tests."
298 end
310 end
299
311
300 end
312 end
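Review bot: In the new "retrieve existing user" test, and in the updated "create a new user account if it doesn't exist" test, `user.admin?` is called on the result of `User.try_to_login` without first checking that a user came back, so a failed LDAP authentication would surface as a NoMethodError on nil rather than as an assertion failure; add `assert_kind_of User, user` before each `admin?` check. The name "retrieve existing user" does not say what the test protects; something like `should "retrieve existing user without changing its admin flag"` would make the privilege-preservation intent explicit. Both tests sit inside `if ldap_configured?`, so where the test directory is not configured they are skipped with only `puts "Skipping LDAP tests."`. A comment above the context, such as `# admin-flag regression check for #5263 runs only when the test LDAP is configured`, would keep a green run from being read as coverage of this behaviour.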