|
0
|
1 |
from datetime import datetime |
|
|
2 |
|
|
|
3 |
from django.conf import settings |
|
|
4 |
from django.contrib.auth.backends import RemoteUserBackend |
|
29
|
5 |
from django.contrib.auth.models import User |
|
0
|
6 |
from django.test import TestCase |
|
|
7 |
|
|
|
8 |
|
|
|
9 |
class RemoteUserTest(TestCase): |
|
|
10 |
|
|
|
11 |
urls = 'django.contrib.auth.tests.urls' |
|
|
12 |
middleware = 'django.contrib.auth.middleware.RemoteUserMiddleware' |
|
|
13 |
backend = 'django.contrib.auth.backends.RemoteUserBackend' |
|
|
14 |
|
|
|
15 |
# Usernames to be passed in REMOTE_USER for the test_known_user test case. |
|
|
16 |
known_user = 'knownuser' |
|
|
17 |
known_user2 = 'knownuser2' |
|
|
18 |
|
|
|
19 |
def setUp(self): |
|
|
20 |
self.curr_middleware = settings.MIDDLEWARE_CLASSES |
|
|
21 |
self.curr_auth = settings.AUTHENTICATION_BACKENDS |
|
|
22 |
settings.MIDDLEWARE_CLASSES += (self.middleware,) |
|
|
23 |
settings.AUTHENTICATION_BACKENDS = (self.backend,) |
|
|
24 |
|
|
|
25 |
def test_no_remote_user(self): |
|
|
26 |
""" |
|
|
27 |
Tests requests where no remote user is specified and insures that no |
|
|
28 |
users get created. |
|
|
29 |
""" |
|
|
30 |
num_users = User.objects.count() |
|
|
31 |
|
|
|
32 |
response = self.client.get('/remote_user/') |
|
29
|
33 |
self.assert_(response.context['user'].is_anonymous()) |
|
0
|
34 |
self.assertEqual(User.objects.count(), num_users) |
|
|
35 |
|
|
|
36 |
response = self.client.get('/remote_user/', REMOTE_USER=None) |
|
29
|
37 |
self.assert_(response.context['user'].is_anonymous()) |
|
0
|
38 |
self.assertEqual(User.objects.count(), num_users) |
|
|
39 |
|
|
|
40 |
response = self.client.get('/remote_user/', REMOTE_USER='') |
|
29
|
41 |
self.assert_(response.context['user'].is_anonymous()) |
|
0
|
42 |
self.assertEqual(User.objects.count(), num_users) |
|
|
43 |
|
|
|
44 |
def test_unknown_user(self): |
|
|
45 |
""" |
|
|
46 |
Tests the case where the username passed in the header does not exist |
|
|
47 |
as a User. |
|
|
48 |
""" |
|
|
49 |
num_users = User.objects.count() |
|
|
50 |
response = self.client.get('/remote_user/', REMOTE_USER='newuser') |
|
|
51 |
self.assertEqual(response.context['user'].username, 'newuser') |
|
|
52 |
self.assertEqual(User.objects.count(), num_users + 1) |
|
|
53 |
User.objects.get(username='newuser') |
|
|
54 |
|
|
|
55 |
# Another request with same user should not create any new users. |
|
|
56 |
response = self.client.get('/remote_user/', REMOTE_USER='newuser') |
|
|
57 |
self.assertEqual(User.objects.count(), num_users + 1) |
|
|
58 |
|
|
|
59 |
def test_known_user(self): |
|
|
60 |
""" |
|
|
61 |
Tests the case where the username passed in the header is a valid User. |
|
|
62 |
""" |
|
|
63 |
User.objects.create(username='knownuser') |
|
|
64 |
User.objects.create(username='knownuser2') |
|
|
65 |
num_users = User.objects.count() |
|
|
66 |
response = self.client.get('/remote_user/', REMOTE_USER=self.known_user) |
|
|
67 |
self.assertEqual(response.context['user'].username, 'knownuser') |
|
|
68 |
self.assertEqual(User.objects.count(), num_users) |
|
|
69 |
# Test that a different user passed in the headers causes the new user |
|
|
70 |
# to be logged in. |
|
|
71 |
response = self.client.get('/remote_user/', REMOTE_USER=self.known_user2) |
|
|
72 |
self.assertEqual(response.context['user'].username, 'knownuser2') |
|
|
73 |
self.assertEqual(User.objects.count(), num_users) |
|
|
74 |
|
|
|
75 |
def test_last_login(self): |
|
|
76 |
""" |
|
|
77 |
Tests that a user's last_login is set the first time they make a |
|
|
78 |
request but not updated in subsequent requests with the same session. |
|
|
79 |
""" |
|
|
80 |
user = User.objects.create(username='knownuser') |
|
|
81 |
# Set last_login to something so we can determine if it changes. |
|
|
82 |
default_login = datetime(2000, 1, 1) |
|
|
83 |
user.last_login = default_login |
|
|
84 |
user.save() |
|
|
85 |
|
|
|
86 |
response = self.client.get('/remote_user/', REMOTE_USER=self.known_user) |
|
|
87 |
self.assertNotEqual(default_login, response.context['user'].last_login) |
|
|
88 |
|
|
|
89 |
user = User.objects.get(username='knownuser') |
|
|
90 |
user.last_login = default_login |
|
|
91 |
user.save() |
|
|
92 |
response = self.client.get('/remote_user/', REMOTE_USER=self.known_user) |
|
|
93 |
self.assertEqual(default_login, response.context['user'].last_login) |
|
|
94 |
|
|
|
95 |
def tearDown(self): |
|
|
96 |
"""Restores settings to avoid breaking other tests.""" |
|
|
97 |
settings.MIDDLEWARE_CLASSES = self.curr_middleware |
|
|
98 |
settings.AUTHENTICATION_BACKENDS = self.curr_auth |
|
|
99 |
|
|
|
100 |
|
|
|
101 |
class RemoteUserNoCreateBackend(RemoteUserBackend): |
|
|
102 |
"""Backend that doesn't create unknown users.""" |
|
|
103 |
create_unknown_user = False |
|
|
104 |
|
|
|
105 |
|
|
|
106 |
class RemoteUserNoCreateTest(RemoteUserTest): |
|
|
107 |
""" |
|
|
108 |
Contains the same tests as RemoteUserTest, but using a custom auth backend |
|
|
109 |
class that doesn't create unknown users. |
|
|
110 |
""" |
|
|
111 |
|
|
|
112 |
backend =\ |
|
|
113 |
'django.contrib.auth.tests.remote_user.RemoteUserNoCreateBackend' |
|
|
114 |
|
|
|
115 |
def test_unknown_user(self): |
|
|
116 |
num_users = User.objects.count() |
|
|
117 |
response = self.client.get('/remote_user/', REMOTE_USER='newuser') |
|
29
|
118 |
self.assert_(response.context['user'].is_anonymous()) |
|
0
|
119 |
self.assertEqual(User.objects.count(), num_users) |
|
|
120 |
|
|
|
121 |
|
|
|
122 |
class CustomRemoteUserBackend(RemoteUserBackend): |
|
|
123 |
""" |
|
|
124 |
Backend that overrides RemoteUserBackend methods. |
|
|
125 |
""" |
|
|
126 |
|
|
|
127 |
def clean_username(self, username): |
|
|
128 |
""" |
|
|
129 |
Grabs username before the @ character. |
|
|
130 |
""" |
|
|
131 |
return username.split('@')[0] |
|
|
132 |
|
|
|
133 |
def configure_user(self, user): |
|
|
134 |
""" |
|
|
135 |
Sets user's email address. |
|
|
136 |
""" |
|
|
137 |
user.email = 'user@example.com' |
|
|
138 |
user.save() |
|
|
139 |
return user |
|
|
140 |
|
|
|
141 |
|
|
|
142 |
class RemoteUserCustomTest(RemoteUserTest): |
|
|
143 |
""" |
|
|
144 |
Tests a custom RemoteUserBackend subclass that overrides the clean_username |
|
|
145 |
and configure_user methods. |
|
|
146 |
""" |
|
|
147 |
|
|
|
148 |
backend =\ |
|
|
149 |
'django.contrib.auth.tests.remote_user.CustomRemoteUserBackend' |
|
|
150 |
# REMOTE_USER strings with e-mail addresses for the custom backend to |
|
|
151 |
# clean. |
|
|
152 |
known_user = 'knownuser@example.com' |
|
|
153 |
known_user2 = 'knownuser2@example.com' |
|
|
154 |
|
|
|
155 |
def test_known_user(self): |
|
|
156 |
""" |
|
|
157 |
The strings passed in REMOTE_USER should be cleaned and the known users |
|
|
158 |
should not have been configured with an email address. |
|
|
159 |
""" |
|
|
160 |
super(RemoteUserCustomTest, self).test_known_user() |
|
|
161 |
self.assertEqual(User.objects.get(username='knownuser').email, '') |
|
|
162 |
self.assertEqual(User.objects.get(username='knownuser2').email, '') |
|
|
163 |
|
|
|
164 |
def test_unknown_user(self): |
|
|
165 |
""" |
|
|
166 |
The unknown user created should be configured with an email address. |
|
|
167 |
""" |
|
|
168 |
super(RemoteUserCustomTest, self).test_unknown_user() |
|
|
169 |
newuser = User.objects.get(username='newuser') |
|
|
170 |
self.assertEqual(newuser.email, 'user@example.com') |