/
test_basic_ops.py
153 lines (131 loc) · 5.71 KB
/
test_basic_ops.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
import unittest
from zope.component import adapter
from zope.component import getGlobalSiteManager
from Products.PluggableAuthService.interfaces.events \
import IPrincipalDeletedEvent
from Products.PluggableAuthService.PluggableAuthService \
import _SWALLOWABLE_PLUGIN_EXCEPTIONS
from Products.PluggableAuthService.interfaces.authservice \
import IPluggableAuthService
from Products.PluggableAuthService.interfaces.plugins \
import IRolesPlugin
from Products.PlonePAS.tests import base
class BasicOpsTestCase(base.TestCase):
def afterSetUp(self):
self.loginAsPortalOwner()
self.acl_users = self.portal.acl_users
def compareRoles(self, target, user, roles):
"""
compareRoles(self, target, user, roles) => do not raise if
user has exactly the specified roles.
If target is None, test user roles (no local roles)
"""
u = self.acl_users.getUser(user)
if not u:
raise RuntimeError("compareRoles: Invalid user: '%s'" % user)
non_roles = ('Authenticated', 'Anonymous', '')
if target is None:
user_roles = list(u.getRoles())
else:
user_roles = list(u.getRolesInContext(target))
actual_roles = filter(lambda x: x not in non_roles, user_roles)
actual_roles.sort()
wished_roles = list(roles)
wished_roles.sort()
if actual_roles == wished_roles:
return 1
raise RuntimeError("User %s: Whished roles: %s BUT current "
"roles: %s" % (user, wished_roles, actual_roles))
def createUser(self, login="created_user", password="secret",
roles=[], groups=[], domains=()):
self.acl_users.userFolderAddUser(
login, password, roles=roles, groups=groups, domains=domains,)
def test_installed(self):
self.assertTrue(IPluggableAuthService.providedBy(self.acl_users))
def test_add(self):
self.createUser()
self.assertTrue(self.acl_users.getUser("created_user"))
def test_edit(self):
# this will fail unless the PAS role plugin is told it manages
# the new role.
self.createUser()
self.compareRoles(None, "created_user", [])
self.acl_users.userFolderEditUser(
"created_user", # name
"secret2", # password
roles=["Member"],
groups=["g1"],
domains=(),)
self.compareRoles(None, "created_user", ['Member'])
def test_edit_userDefinedRole(self):
roleplugins = self.acl_users.plugins.listPlugins(IRolesPlugin)
for id, plugin in roleplugins:
try:
plugin.addRole('r1')
except _SWALLOWABLE_PLUGIN_EXCEPTIONS:
pass
else:
break
self.createUser()
self.compareRoles(None, "created_user", [])
self.acl_users.userFolderEditUser(
"created_user", # name
"secret2", # password
roles=["r1"],
groups=["g1"],
domains=(),)
self.compareRoles(None, "created_user", ['r1'])
def test_del(self):
self.createUser()
self.assertTrue(self.acl_users.getUser("created_user"))
self.acl_users.userFolderDelUsers(['created_user'])
self.assertFalse(self.acl_users.getUser("created_user"))
def test_principal_del_event(self):
eventsFired = []
@adapter(IPrincipalDeletedEvent)
def gotDeletion(event):
eventsFired.append(event)
gsm = getGlobalSiteManager()
gsm.registerHandler(gotDeletion)
self.createUser()
self.acl_users.userFolderDelUsers(['created_user'])
self.assertEqual(len(eventsFired), 1)
self.assertEqual(eventsFired[0].principal, 'created_user')
gsm.unregisterHandler(gotDeletion)
def test_search(self):
self.createUser("created_user1")
self.createUser("created_user2")
mt = self.portal.portal_membership
retlist = mt.searchForMembers(REQUEST=None, login="created_user1")
usernames = [user.getUserName() for user in retlist]
self.assertEqual(len(usernames), 1)
self.assertTrue("created_user1" in usernames,
"'created_user1' not in %s" % usernames)
def test_setpw(self):
# there is more than one place where one can set the password.
# insane. anyway we have to check the patch in pas.py userSetPassword
# here its checked in the general setup using ZODBUserManager.
self.createUser()
uf = self.acl_users
new_secret = 'new_secret'
uf.userSetPassword('created_user', new_secret)
# possible to authenticate with new password?
from Products.PluggableAuthService.interfaces.plugins \
import IAuthenticationPlugin
authenticators = uf.plugins.listPlugins(IAuthenticationPlugin)
credentials = {'login': 'created_user', 'password': new_secret}
result = None
for aid, authenticator in authenticators:
result = authenticator.authenticateCredentials(credentials)
if result is not None:
break
self.assertTrue(result)
def test_setProperties(self):
self.createUser()
user = self.acl_users.getUser('created_user')
user.setProperties(fullname='Test User', email='test@example.org')
self.assertEqual(user.getProperty('fullname'), 'Test User')
self.assertEqual(user.getProperty('email'), 'test@example.org')
user.setProperties(properties={'fullname': 'Test User2', 'email': 'test2@example.org'})
self.assertEqual(user.getProperty('fullname'), 'Test User2')
self.assertEqual(user.getProperty('email'), 'test2@example.org')