sobjects/test/unittest_register_user.py
author Julien Cristau <julien.cristau@logilab.fr>
Tue, 22 Apr 2014 15:18:04 +0200
changeset 9689 9e4a3c8719a7
parent 9688 1f6ecd90df4f
permissions -rw-r--r--
[services] don't hardcode 'users' group for register_user Let the caller choose which group the user should be in. Related to #3020639 Caveat: this is a possible security hole if untrusted values are allowed.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
9687
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
     1
# copyright 2003-2014 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
     2
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
     3
#
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
     4
# This file is part of CubicWeb.
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
     5
#
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
     6
# CubicWeb is free software: you can redistribute it and/or modify it under the
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
     7
# terms of the GNU Lesser General Public License as published by the Free
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
     8
# Software Foundation, either version 2.1 of the License, or (at your option)
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
     9
# any later version.
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    10
#
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    11
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    12
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    13
# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    14
# details.
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    15
#
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    16
# You should have received a copy of the GNU Lesser General Public License along
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    17
# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    18
"""unittest for cubicweb.dbapi"""
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    19
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    20
from cubicweb import ValidationError
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    21
from cubicweb.web import Unauthorized
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    22
from cubicweb.devtools.testlib import CubicWebTC
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    23
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    24
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    25
class RegisterUserTC(CubicWebTC):
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    26
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    27
    def test_register_user_service(self):
9688
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    28
        acc = self.admin_access
9687
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    29
        with acc.client_cnx() as cnx:
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    30
            cnx.call_service('register_user', login=u'foo1', password=u'bar1',
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    31
                             email=u'foo1@bar1.com', firstname=u'Foo1',
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    32
                             surname=u'Bar1')
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    33
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    34
        acc = self.new_access('anon')
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    35
        with acc.client_cnx() as cnx:
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    36
            self.assertRaises(Unauthorized, cnx.call_service, 'register_user',
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    37
                              login=u'foo2', password=u'bar2',
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    38
                              email=u'foo2@bar2.com', firstname=u'Foo2', surname=u'Bar2')
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    39
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    40
        with self.repo.internal_cnx() as cnx:
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    41
            cnx.call_service('register_user', login=u'foo3',
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    42
                             password=u'bar3', email=u'foo3@bar3.com',
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    43
                             firstname=u'Foo3', surname=u'Bar3')
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    44
            # same login
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    45
            with self.assertRaises(ValidationError):
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    46
                cnx.call_service('register_user', login=u'foo3',
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    47
                                 password=u'bar3')
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    48
9688
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    49
    def test_register_user_attributes(self):
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    50
        with self.repo.internal_cnx() as cnx:
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    51
            cnx.call_service('register_user', login=u'foo3',
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    52
                             password=u'bar3', email=u'foo3@bar3.com',
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    53
                             firstname=u'Foo3', surname=u'Bar3')
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    54
            cnx.commit()
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    55
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    56
        with self.admin_access.client_cnx() as cnx:
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    57
            user = cnx.find('CWUser', login=u'foo3').one()
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    58
            self.assertEqual(user.firstname, u'Foo3')
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    59
            self.assertEqual(user.use_email[0].address, u'foo3@bar3.com')
1f6ecd90df4f [sobjects/test] check that register_user properly sets user name and email address
Julien Cristau <julien.cristau@logilab.fr>
parents: 9687
diff changeset
    60
9689
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    61
    def test_register_user_groups(self):
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    62
        with self.repo.internal_cnx() as cnx:
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    63
            # default
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    64
            cnx.call_service('register_user', login=u'foo_user',
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    65
                             password=u'bar_user', email=u'foo_user@bar_user.com',
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    66
                             firstname=u'Foo_user', surname=u'Bar_user')
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    67
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    68
            # group kwarg
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    69
            cnx.call_service('register_user', login=u'foo_admin',
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    70
                             password=u'bar_admin', email=u'foo_admin@bar_admin.com',
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    71
                             firstname=u'Foo_admin', surname=u'Bar_admin',
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    72
                             groups=('managers', 'users'))
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    73
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    74
            # class attribute
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    75
            from cubicweb.sobjects import services
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    76
            services.RegisterUserService.default_groups = ('guests',)
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    77
            cnx.call_service('register_user', login=u'foo_guest',
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    78
                             password=u'bar_guest', email=u'foo_guest@bar_guest.com',
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    79
                             firstname=u'Foo_guest', surname=u'Bar_guest')
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    80
            cnx.commit()
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    81
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    82
        with self.admin_access.client_cnx() as cnx:
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    83
            user = cnx.find('CWUser', login=u'foo_user').one()
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    84
            self.assertEqual([g.name for g in user.in_group], ['users'])
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    85
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    86
            admin = cnx.find('CWUser', login=u'foo_admin').one()
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    87
            self.assertEqual(sorted(g.name for g in admin.in_group), ['managers', 'users'])
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    88
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    89
            guest = cnx.find('CWUser', login=u'foo_guest').one()
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    90
            self.assertEqual([g.name for g in guest.in_group], ['guests'])
9e4a3c8719a7 [services] don't hardcode 'users' group for register_user
Julien Cristau <julien.cristau@logilab.fr>
parents: 9688
diff changeset
    91
9687
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    92
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    93
if __name__ == '__main__':
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    94
    from logilab.common.testlib import unittest_main
00c2356faba7 [server] Refactor Repository.register_user into a CubicWeb service (closes #3020639)
Vladimir Popescu <vladimir.popescu@logilab.fr>
parents:
diff changeset
    95
    unittest_main()