server/test/unittest_ldapsource.py
author Julien Cristau <julien.cristau@logilab.fr>
Wed, 29 Jan 2014 15:50:19 +0100
changeset 9496 e699fbcc9a61
parent 9283 5f2c5eb1a820
child 9674 96549de9dd70
permissions -rw-r--r--
[server/repo] Use session.sessionid instead of session.id Silences deprecation warning.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
8684
6c7c2a02c9a0 [ldap test] fix bad merge
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8683
diff changeset
     1
# copyright 2003-2012 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
5421
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
     2
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
     3
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
     4
# This file is part of CubicWeb.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
     5
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
     6
# CubicWeb is free software: you can redistribute it and/or modify it under the
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
     7
# terms of the GNU Lesser General Public License as published by the Free
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
     8
# Software Foundation, either version 2.1 of the License, or (at your option)
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
     9
# any later version.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
    10
#
5424
8ecbcbff9777 replace logilab-common by CubicWeb in disclaimer
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5421
diff changeset
    11
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
5421
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
    12
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
    13
# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
    14
# details.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
    15
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
    16
# You should have received a copy of the GNU Lesser General Public License along
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5064
diff changeset
    17
# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
6434
d99b742a9c49 [test] fix ldap test when executed from certain hosts
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6340
diff changeset
    18
"""cubicweb.server.sources.ldapusers unit and functional tests"""
360
600dd2fe8b40 backport unittest_ldapuser
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    19
6887
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    20
import os
8902
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    21
import sys
6887
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    22
import shutil
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    23
import time
8434
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    24
from os.path import join, exists
6887
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    25
import subprocess
8681
48731a0d3df8 [ldap test] move the slapd database directory to a tempdir (closes #2583993)
David Douard <david.douard@logilab.fr>
parents: 8680
diff changeset
    26
import tempfile
3855
dbd37c10f865 try to update ldap tests to make them work from the DMZ (eg using another ldap directory)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3587
diff changeset
    27
7078
bad26a22fe29 [test] New Handling of database for test.
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 6986
diff changeset
    28
from logilab.common.testlib import TestCase, unittest_main, mock_object, Tags
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
    29
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
    30
from cubicweb import AuthenticationError
2773
b2530e3e0afb [testlib] #345052 and #344207: major test lib refactoring/cleanup + update usage
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 1977
diff changeset
    31
from cubicweb.devtools.testlib import CubicWebTC
360
600dd2fe8b40 backport unittest_ldapuser
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    32
from cubicweb.devtools.repotest import RQLGeneratorTC
6986
18343456ee49 [ldap test] use get_available_port from cw.devtools.httptest
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6985
diff changeset
    33
from cubicweb.devtools.httptest import get_available_port
7078
bad26a22fe29 [test] New Handling of database for test.
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 6986
diff changeset
    34
from cubicweb.devtools import get_test_db_handler
360
600dd2fe8b40 backport unittest_ldapuser
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    35
600dd2fe8b40 backport unittest_ldapuser
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    36
8922
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
    37
CONFIG_LDAPFEED = u'''
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
    38
user-base-dn=ou=People,dc=cubicweb,dc=test
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
    39
group-base-dn=ou=Group,dc=cubicweb,dc=test
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
    40
user-attrs-map=uid=login,mail=email,userPassword=upassword
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
    41
group-attrs-map=cn=name,memberUid=member
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
    42
'''
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
    43
CONFIG_LDAPUSER = u'''
8917
685b93559e33 [ldapfeed] add support for multiple email addresses from ldap
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8904
diff changeset
    44
user-base-dn=ou=People,dc=cubicweb,dc=test
685b93559e33 [ldapfeed] add support for multiple email addresses from ldap
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8904
diff changeset
    45
user-attrs-map=uid=login,mail=email,userPassword=upassword
685b93559e33 [ldapfeed] add support for multiple email addresses from ldap
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8904
diff changeset
    46
'''
8901
661b6aaac240 [test/ldap source] better source naming, some cleanups (prepares #2528116)
Jérôme Roy
parents: 8885
diff changeset
    47
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
    48
URL = None
3855
dbd37c10f865 try to update ldap tests to make them work from the DMZ (eg using another ldap directory)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3587
diff changeset
    49
8434
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    50
def create_slapd_configuration(cls):
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    51
    global URL
8681
48731a0d3df8 [ldap test] move the slapd database directory to a tempdir (closes #2583993)
David Douard <david.douard@logilab.fr>
parents: 8680
diff changeset
    52
    slapddir = tempfile.mkdtemp('cw-unittest-ldap')
8434
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    53
    config = cls.config
6887
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    54
    slapdconf = join(config.apphome, "slapd.conf")
6985
dda970c8a315 [test] generate slapd.conf to be cwd independant
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6888
diff changeset
    55
    confin = file(join(config.apphome, "slapd.conf.in")).read()
dda970c8a315 [test] generate slapd.conf to be cwd independant
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6888
diff changeset
    56
    confstream = file(slapdconf, 'w')
8681
48731a0d3df8 [ldap test] move the slapd database directory to a tempdir (closes #2583993)
David Douard <david.douard@logilab.fr>
parents: 8680
diff changeset
    57
    confstream.write(confin % {'apphome': config.apphome, 'testdir': slapddir})
6985
dda970c8a315 [test] generate slapd.conf to be cwd independant
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6888
diff changeset
    58
    confstream.close()
8430
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
    59
    # fill ldap server with some data
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
    60
    ldiffile = join(config.apphome, "ldap_test.ldif")
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
    61
    config.info('Initing ldap database')
8902
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    62
    cmdline = ['/usr/sbin/slapadd', '-f', slapdconf, '-l', ldiffile, '-c']
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    63
    PIPE = subprocess.PIPE
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    64
    slapproc = subprocess.Popen(cmdline, stdout=PIPE, stderr=PIPE)
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    65
    stdout, stderr = slapproc.communicate()
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    66
    if slapproc.returncode:
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    67
        print >> sys.stderr, ('slapadd returned with status: %s'
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    68
                              % slapproc.returncode)
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    69
        sys.stdout.write(stdout)
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    70
        sys.stderr.write(stderr)
6887
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    71
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    72
    #ldapuri = 'ldapi://' + join(basedir, "ldapi").replace('/', '%2f')
6986
18343456ee49 [ldap test] use get_available_port from cw.devtools.httptest
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6985
diff changeset
    73
    port = get_available_port(xrange(9000, 9100))
6887
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    74
    host = 'localhost:%s' % port
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    75
    ldapuri = 'ldap://%s' % host
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    76
    cmdline = ["/usr/sbin/slapd", "-f",  slapdconf,  "-h",  ldapuri, "-d", "0"]
8430
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
    77
    config.info('Starting slapd:', ' '.join(cmdline))
8902
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    78
    PIPE = subprocess.PIPE
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    79
    cls.slapd_process = subprocess.Popen(cmdline, stdout=PIPE, stderr=PIPE)
6887
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    80
    time.sleep(0.2)
8434
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    81
    if cls.slapd_process.poll() is None:
8901
661b6aaac240 [test/ldap source] better source naming, some cleanups (prepares #2528116)
Jérôme Roy
parents: 8885
diff changeset
    82
        config.info('slapd started with pid %s', cls.slapd_process.pid)
6887
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    83
    else:
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    84
        raise EnvironmentError('Cannot start slapd with cmdline="%s" (from directory "%s")' %
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    85
                               (" ".join(cmdline), os.getcwd()))
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
    86
    URL = u'ldap://%s' % host
8681
48731a0d3df8 [ldap test] move the slapd database directory to a tempdir (closes #2583993)
David Douard <david.douard@logilab.fr>
parents: 8680
diff changeset
    87
    return slapddir
6887
72d7feeb071e [tests] make ldap source test run its own local (Open)LDAP server
David Douard <david.douard@logilab.fr>
parents: 6781
diff changeset
    88
8434
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    89
def terminate_slapd(cls):
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    90
    config = cls.config
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    91
    if cls.slapd_process and cls.slapd_process.returncode is None:
8430
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
    92
        config.info('terminating slapd')
8434
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    93
        if hasattr(cls.slapd_process, 'terminate'):
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    94
            cls.slapd_process.terminate()
6986
18343456ee49 [ldap test] use get_available_port from cw.devtools.httptest
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6985
diff changeset
    95
        else:
18343456ee49 [ldap test] use get_available_port from cw.devtools.httptest
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 6985
diff changeset
    96
            import os, signal
8434
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
    97
            os.kill(cls.slapd_process.pid, signal.SIGTERM)
8902
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    98
        stdout, stderr = cls.slapd_process.communicate()
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
    99
        if cls.slapd_process.returncode:
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
   100
            print >> sys.stderr, ('slapd returned with status: %s'
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
   101
                                  % cls.slapd_process.returncode)
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
   102
            sys.stdout.write(stdout)
9edfa3660bf4 [ldap] quieter tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8901
diff changeset
   103
            sys.stderr.write(stderr)
8430
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   104
        config.info('DONE')
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   105
8904
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   106
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   107
class LDAPFeedTestBase(CubicWebTC):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   108
    test_db_id = 'ldap-feed'
8430
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   109
    loglevel = 'ERROR'
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   110
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   111
    @classmethod
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   112
    def setUpClass(cls):
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   113
        from cubicweb.cwctl import init_cmdline_log_threshold
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   114
        init_cmdline_log_threshold(cls.config, cls.loglevel)
8681
48731a0d3df8 [ldap test] move the slapd database directory to a tempdir (closes #2583993)
David Douard <david.douard@logilab.fr>
parents: 8680
diff changeset
   115
        cls._tmpdir = create_slapd_configuration(cls)
8430
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   116
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   117
    @classmethod
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   118
    def tearDownClass(cls):
8434
39c5bb4dcc59 [ldapfeed] do not crash on ldap user deletion + pull + already deactivated users, cleanups (closes #2392933)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8430
diff changeset
   119
        terminate_slapd(cls)
8681
48731a0d3df8 [ldap test] move the slapd database directory to a tempdir (closes #2583993)
David Douard <david.douard@logilab.fr>
parents: 8680
diff changeset
   120
        try:
48731a0d3df8 [ldap test] move the slapd database directory to a tempdir (closes #2583993)
David Douard <david.douard@logilab.fr>
parents: 8680
diff changeset
   121
            shutil.rmtree(cls._tmpdir)
48731a0d3df8 [ldap test] move the slapd database directory to a tempdir (closes #2583993)
David Douard <david.douard@logilab.fr>
parents: 8680
diff changeset
   122
        except:
48731a0d3df8 [ldap test] move the slapd database directory to a tempdir (closes #2583993)
David Douard <david.douard@logilab.fr>
parents: 8680
diff changeset
   123
            pass
8430
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   124
8904
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   125
    @classmethod
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   126
    def pre_setup_database(cls, session, config):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   127
        session.create_entity('CWSource', name=u'ldap', type=u'ldapfeed', parser=u'ldapfeed',
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   128
                              url=URL, config=CONFIG_LDAPFEED)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   129
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   130
        session.commit()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   131
        return cls._pull(session)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   132
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   133
    @classmethod
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   134
    def _pull(cls, session):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   135
        with session.repo.internal_session() as isession:
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   136
            lfsource = isession.repo.sources_by_uri['ldap']
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   137
            stats = lfsource.pull_data(isession, force=True, raise_on_error=True)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   138
            isession.commit()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   139
            return stats
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   140
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   141
    def pull(self):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   142
        return self._pull(self.session)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   143
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   144
    def setup_database(self):
9142
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   145
        with self.session.repo.internal_session(safe=True) as session:
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   146
            session.execute('DELETE Any E WHERE E cw_source S, S name "ldap"')
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   147
            session.execute('SET S config %(conf)s, S url %(url)s '
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   148
                            'WHERE S is CWSource, S name "ldap"',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   149
                            {"conf": CONFIG_LDAPFEED, 'url': URL} )
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   150
            session.commit()
8904
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   151
        self.pull()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   152
9142
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   153
    def add_ldap_entry(self, dn, mods):
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   154
        """
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   155
        add an LDAP entity
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   156
        """
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   157
        modcmd = ['dn: %s'%dn, 'changetype: add']
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   158
        for key, values in mods.iteritems():
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   159
            if isinstance(values, basestring):
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   160
                values = [values]
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   161
            for value in values:
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   162
                modcmd.append('%s: %s'%(key, value))
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   163
        self._ldapmodify(modcmd)
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   164
8904
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   165
    def delete_ldap_entry(self, dn):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   166
        """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   167
        delete an LDAP entity
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   168
        """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   169
        modcmd = ['dn: %s'%dn, 'changetype: delete']
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   170
        self._ldapmodify(modcmd)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   171
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   172
    def update_ldap_entry(self, dn, mods):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   173
        """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   174
        modify one or more attributes of an LDAP entity
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   175
        """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   176
        modcmd = ['dn: %s'%dn, 'changetype: modify']
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   177
        for (kind, key), values in mods.iteritems():
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   178
            modcmd.append('%s: %s' % (kind, key))
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   179
            if isinstance(values, basestring):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   180
                values = [values]
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   181
            for value in values:
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   182
                modcmd.append('%s: %s'%(key, value))
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   183
            modcmd.append('-')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   184
        self._ldapmodify(modcmd)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   185
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   186
    def _ldapmodify(self, modcmd):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   187
        uri = self.repo.sources_by_uri['ldap'].urls[0]
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   188
        updatecmd = ['ldapmodify', '-H', uri, '-v', '-x', '-D',
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   189
                     'cn=admin,dc=cubicweb,dc=test', '-w', 'cw']
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   190
        PIPE = subprocess.PIPE
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   191
        p = subprocess.Popen(updatecmd, stdin=PIPE, stdout=PIPE, stderr=PIPE)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   192
        p.stdin.write('\n'.join(modcmd))
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   193
        p.stdin.close()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   194
        if p.wait():
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   195
            raise RuntimeError("ldap update failed: %s"%('\n'.join(p.stderr.readlines())))
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   196
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   197
class CheckWrongGroup(LDAPFeedTestBase):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   198
    """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   199
    A testcase for situations where the default group for CWUser
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   200
    created from LDAP is wrongly configured.
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   201
    """
8679
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   202
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   203
    def test_wrong_group(self):
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   204
        with self.session.repo.internal_session(safe=True) as session:
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   205
            source = self.session.execute('CWSource S WHERE S type="ldapfeed"').get_entity(0,0)
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   206
            config = source.repo_source.check_config(source)
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   207
            # inject a bogus group here, along with at least a valid one
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   208
            config['user-default-group'] = ('thisgroupdoesnotexists','users')
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   209
            source.repo_source.update_config(source, config)
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   210
            session.commit(free_cnxset=False)
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   211
            # here we emitted an error log entry
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   212
            stats = source.repo_source.pull_data(session, force=True, raise_on_error=True)
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   213
            session.commit()
cf4dacc80976 [ldapfeed] don't crash if one specify an unexisting group in the configuration. Closes #2538399
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8639
diff changeset
   214
8901
661b6aaac240 [test/ldap source] better source naming, some cleanups (prepares #2528116)
Jérôme Roy
parents: 8885
diff changeset
   215
8430
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   216
8904
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   217
class LDAPFeedUserTC(LDAPFeedTestBase):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   218
    """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   219
    A testcase for CWUser support in ldapfeed (basic tests and authentication).
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   220
    """
8684
6c7c2a02c9a0 [ldap test] fix bad merge
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8683
diff changeset
   221
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   222
    def assertMetadata(self, entity):
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   223
        self.assertTrue(entity.creation_date)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   224
        self.assertTrue(entity.modification_date)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   225
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   226
    def test_authenticate(self):
8901
661b6aaac240 [test/ldap source] better source naming, some cleanups (prepares #2528116)
Jérôme Roy
parents: 8885
diff changeset
   227
        source = self.repo.sources_by_uri['ldap']
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   228
        self.session.set_cnxset()
8229
b7bc631816f7 [ldapfeed] make authentication actually working
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8188
diff changeset
   229
        # ensure we won't be logged against
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   230
        self.assertRaises(AuthenticationError,
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   231
                          source.authenticate, self.session, 'toto', 'toto')
8229
b7bc631816f7 [ldapfeed] make authentication actually working
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8188
diff changeset
   232
        self.assertTrue(source.authenticate(self.session, 'syt', 'syt'))
b7bc631816f7 [ldapfeed] make authentication actually working
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8188
diff changeset
   233
        self.assertTrue(self.repo.connect('syt', password='syt'))
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   234
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   235
    def test_base(self):
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   236
        # check a known one
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   237
        rset = self.sexecute('CWUser X WHERE X login %(login)s', {'login': 'syt'})
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   238
        e = rset.get_entity(0, 0)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   239
        self.assertEqual(e.login, 'syt')
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   240
        e.complete()
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   241
        self.assertMetadata(e)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   242
        self.assertEqual(e.firstname, None)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   243
        self.assertEqual(e.surname, None)
8921
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   244
        self.assertTrue('users' in [g.name for g in e.in_group])
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   245
        self.assertEqual(e.owned_by[0].login, 'syt')
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   246
        self.assertEqual(e.created_by, ())
8917
685b93559e33 [ldapfeed] add support for multiple email addresses from ldap
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8904
diff changeset
   247
        addresses = [pe.address for pe in e.use_email]
685b93559e33 [ldapfeed] add support for multiple email addresses from ldap
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8904
diff changeset
   248
        addresses.sort()
685b93559e33 [ldapfeed] add support for multiple email addresses from ldap
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8904
diff changeset
   249
        self.assertEqual(['sylvain.thenault@logilab.fr', 'syt@logilab.fr'],
685b93559e33 [ldapfeed] add support for multiple email addresses from ldap
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8904
diff changeset
   250
                         addresses)
685b93559e33 [ldapfeed] add support for multiple email addresses from ldap
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8904
diff changeset
   251
        self.assertIn(e.primary_email[0].address, ['sylvain.thenault@logilab.fr',
685b93559e33 [ldapfeed] add support for multiple email addresses from ldap
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8904
diff changeset
   252
                                                   'syt@logilab.fr'])
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   253
        # email content should be indexed on the user
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   254
        rset = self.sexecute('CWUser X WHERE X has_text "thenault"')
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   255
        self.assertEqual(rset.rows, [[e.eid]])
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   256
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   257
    def test_copy_to_system_source(self):
8921
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   258
        "make sure we can 'convert' an LDAP user into a system one"
8901
661b6aaac240 [test/ldap source] better source naming, some cleanups (prepares #2528116)
Jérôme Roy
parents: 8885
diff changeset
   259
        source = self.repo.sources_by_uri['ldap']
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   260
        eid = self.sexecute('CWUser X WHERE X login %(login)s', {'login': 'syt'})[0][0]
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   261
        self.sexecute('SET X cw_source S WHERE X eid %(x)s, S name "system"', {'x': eid})
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   262
        self.commit()
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   263
        source.reset_caches()
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   264
        rset = self.sexecute('CWUser X WHERE X login %(login)s', {'login': 'syt'})
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   265
        self.assertEqual(len(rset), 1)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   266
        e = rset.get_entity(0, 0)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   267
        self.assertEqual(e.eid, eid)
8430
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   268
        self.assertEqual(e.cw_metainformation(), {'source': {'type': u'native',
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   269
                                                             'uri': u'system',
5bee87a14bb1 fix ldap removal handling in ldapfeed (closes #2376625 and #2385133)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents: 8387
diff changeset
   270
                                                             'use-cwuri-as-url': False},
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   271
                                                  'type': 'CWUser',
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   272
                                                  'extid': None})
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   273
        self.assertEqual(e.cw_source[0].name, 'system')
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   274
        self.assertTrue(e.creation_date)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   275
        self.assertTrue(e.modification_date)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   276
        source.pull_data(self.session)
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   277
        rset = self.sexecute('CWUser X WHERE X login %(login)s', {'login': 'syt'})
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   278
        self.assertEqual(len(rset), 1)
8387
b59af20a868d [ldap] we may actually get back password from ldap
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8386
diff changeset
   279
        self.assertTrue(self.repo.system_source.authenticate(
b59af20a868d [ldap] we may actually get back password from ldap
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8386
diff changeset
   280
                self.session, 'syt', password='syt'))
8921
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   281
        # make sure the pull from ldap have not "reverted" user as a ldap-feed user
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   282
        self.assertEqual(e.cw_metainformation(), {'source': {'type': u'native',
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   283
                                                             'uri': u'system',
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   284
                                                             'use-cwuri-as-url': False},
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   285
                                                  'type': 'CWUser',
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   286
                                                  'extid': None})
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   287
        # and that the password stored in the system source is not empty or so
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   288
        user = self.execute('CWUser U WHERE U login "syt"').get_entity(0, 0)
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   289
        user.cw_clear_all_caches()
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   290
        pwd = self.session.system_sql("SELECT cw_upassword FROM cw_cwuser WHERE cw_login='syt';").fetchall()[0][0]
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   291
        self.assertIsNotNone(pwd)
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   292
        self.assertTrue(str(pwd))
da46624a0880 [test/ldap] small improvement to ldapfeed unit tests
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8917
diff changeset
   293
8188
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   294
1867e252e487 [repository] ldap-feed source. Closes #2086984
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 8146
diff changeset
   295
8904
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   296
class LDAPFeedUserDeletionTC(LDAPFeedTestBase):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   297
    """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   298
    A testcase for situations where users are deleted from or
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   299
    unavailabe in the LDAP database.
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   300
    """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   301
    def test_a_filter_inactivate(self):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   302
        """ filtered out people should be deactivated, unable to authenticate """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   303
        source = self.session.execute('CWSource S WHERE S type="ldapfeed"').get_entity(0,0)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   304
        config = source.repo_source.check_config(source)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   305
        # filter with adim's phone number
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   306
        config['user-filter'] = u'(%s=%s)' % ('telephoneNumber', '109')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   307
        source.repo_source.update_config(source, config)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   308
        self.commit()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   309
        self.pull()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   310
        self.assertRaises(AuthenticationError, self.repo.connect, 'syt', password='syt')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   311
        self.assertEqual(self.execute('Any N WHERE U login "syt", '
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   312
                                      'U in_state S, S name N').rows[0][0],
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   313
                         'deactivated')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   314
        self.assertEqual(self.execute('Any N WHERE U login "adim", '
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   315
                                      'U in_state S, S name N').rows[0][0],
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   316
                         'activated')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   317
        # unfilter, syt should be activated again
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   318
        config['user-filter'] = u''
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   319
        source.repo_source.update_config(source, config)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   320
        self.commit()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   321
        self.pull()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   322
        self.assertEqual(self.execute('Any N WHERE U login "syt", '
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   323
                                      'U in_state S, S name N').rows[0][0],
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   324
                         'activated')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   325
        self.assertEqual(self.execute('Any N WHERE U login "adim", '
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   326
                                      'U in_state S, S name N').rows[0][0],
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   327
                         'activated')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   328
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   329
    def test_delete(self):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   330
        """ delete syt, pull, check deactivation, repull,
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   331
        read syt, pull, check activation
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   332
        """
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   333
        self.delete_ldap_entry('uid=syt,ou=People,dc=cubicweb,dc=test')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   334
        self.pull()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   335
        self.assertRaises(AuthenticationError, self.repo.connect, 'syt', password='syt')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   336
        self.assertEqual(self.execute('Any N WHERE U login "syt", '
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   337
                                      'U in_state S, S name N').rows[0][0],
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   338
                         'deactivated')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   339
        # check that it doesn't choke
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   340
        self.pull()
9142
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   341
        # reinsert syt
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   342
        self.add_ldap_entry('uid=syt,ou=People,dc=cubicweb,dc=test',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   343
                            { 'objectClass': ['OpenLDAPperson','posixAccount','top','shadowAccount'],
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   344
                              'cn': 'Sylvain Thenault',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   345
                              'sn': 'Thenault',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   346
                              'gidNumber': '1004',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   347
                              'uid': 'syt',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   348
                              'homeDirectory': '/home/syt',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   349
                              'shadowFlag': '134538764',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   350
                              'uidNumber': '1004',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   351
                              'givenName': 'Sylvain',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   352
                              'telephoneNumber': '106',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   353
                              'displayName': 'sthenault',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   354
                              'gecos': 'Sylvain Thenault',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   355
                              'mail': ['sylvain.thenault@logilab.fr','syt@logilab.fr'],
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   356
                              'userPassword': 'syt',
41fb930dc751 [test/ldap] fix ldap tests
David Douard <david.douard@logilab.fr>
parents: 8959
diff changeset
   357
                             })
8904
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   358
        self.pull()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   359
        self.assertEqual(self.execute('Any N WHERE U login "syt", '
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   360
                                      'U in_state S, S name N').rows[0][0],
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   361
                         'activated')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   362
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   363
    def test_reactivate_deleted(self):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   364
        # test reactivating BY HAND the user isn't enough to
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   365
        # authenticate, as the native source refuse to authenticate
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   366
        # user from other sources
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   367
        self.delete_ldap_entry('uid=syt,ou=People,dc=cubicweb,dc=test')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   368
        self.pull()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   369
        # reactivate user (which source is still ldap-feed)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   370
        user = self.execute('CWUser U WHERE U login "syt"').get_entity(0, 0)
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   371
        user.cw_adapt_to('IWorkflowable').fire_transition('activate')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   372
        self.commit()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   373
        with self.assertRaises(AuthenticationError):
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   374
            self.repo.connect('syt', password='syt')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   375
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   376
        # ok now let's try to make it a system user
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   377
        self.sexecute('SET X cw_source S WHERE X eid %(x)s, S name "system"', {'x': user.eid})
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   378
        self.commit()
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   379
        # and that we can now authenticate again
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   380
        self.assertRaises(AuthenticationError, self.repo.connect, 'syt', password='toto')
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   381
        self.assertTrue(self.repo.connect('syt', password='syt'))
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   382
8922
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   383
class LDAPFeedGroupTC(LDAPFeedTestBase):
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   384
    """
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   385
    A testcase for group support in ldapfeed.
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   386
    """
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   387
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   388
    def test_groups_exist(self):
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   389
        rset = self.sexecute('CWGroup X WHERE X name "dir"')
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   390
        self.assertEqual(len(rset), 1)
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   391
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   392
        rset = self.sexecute('CWGroup X WHERE X cw_source S, S name "ldap"')
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   393
        self.assertEqual(len(rset), 2)
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   394
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   395
    def test_group_deleted(self):
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   396
        rset = self.sexecute('CWGroup X WHERE X name "dir"')
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   397
        self.assertEqual(len(rset), 1)
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   398
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   399
    def test_in_group(self):
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   400
        rset = self.sexecute('CWGroup X WHERE X name %(name)s', {'name': 'dir'})
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   401
        dirgroup = rset.get_entity(0, 0)
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   402
        self.assertEqual(set(['syt', 'adim']),
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   403
                         set([u.login for u in dirgroup.reverse_in_group]))
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   404
        rset = self.sexecute('CWGroup X WHERE X name %(name)s', {'name': 'logilab'})
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   405
        logilabgroup = rset.get_entity(0, 0)
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   406
        self.assertEqual(set(['adim']),
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   407
                         set([u.login for u in logilabgroup.reverse_in_group]))
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   408
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   409
    def test_group_member_added(self):
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   410
        self.pull()
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   411
        rset = self.sexecute('Any L WHERE U in_group G, G name %(name)s, U login L',
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   412
                             {'name': 'logilab'})
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   413
        self.assertEqual(len(rset), 1)
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   414
        self.assertEqual(rset[0][0], 'adim')
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   415
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   416
        try:
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   417
            self.update_ldap_entry('cn=logilab,ou=Group,dc=cubicweb,dc=test',
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   418
                                   {('add', 'memberUid'): ['syt']})
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   419
            time.sleep(1.1) # timestamps precision is 1s
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   420
            self.pull()
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   421
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   422
            rset = self.sexecute('Any L WHERE U in_group G, G name %(name)s, U login L',
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   423
                                 {'name': 'logilab'})
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   424
            self.assertEqual(len(rset), 2)
8959
69a78922114b [test/ldap] do not assume order
David Douard <david.douard@logilab.fr>
parents: 8922
diff changeset
   425
            members = set([u[0] for u in rset])
69a78922114b [test/ldap] do not assume order
David Douard <david.douard@logilab.fr>
parents: 8922
diff changeset
   426
            self.assertEqual(set(['adim', 'syt']), members)
8922
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   427
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   428
        finally:
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   429
            # back to normal ldap setup
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   430
            self.tearDownClass()
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   431
            self.setUpClass()
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   432
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   433
    def test_group_member_deleted(self):
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   434
        self.pull() # ensure we are sync'ed
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   435
        rset = self.sexecute('Any L WHERE U in_group G, G name %(name)s, U login L',
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   436
                             {'name': 'logilab'})
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   437
        self.assertEqual(len(rset), 1)
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   438
        self.assertEqual(rset[0][0], 'adim')
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   439
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   440
        try:
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   441
            self.update_ldap_entry('cn=logilab,ou=Group,dc=cubicweb,dc=test',
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   442
                                   {('delete', 'memberUid'): ['adim']})
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   443
            time.sleep(1.1) # timestamps precision is 1s
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   444
            self.pull()
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   445
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   446
            rset = self.sexecute('Any L WHERE U in_group G, G name %(name)s, U login L',
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   447
                                 {'name': 'logilab'})
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   448
            self.assertEqual(len(rset), 0)
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   449
        finally:
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   450
            # back to normal ldap setup
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   451
            self.tearDownClass()
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   452
            self.setUpClass()
715b9eec6da9 [ldapfeed] Add support for LDAP groups (closes #2528116)
David Douard <david.douard@logilab.fr>
parents: 8921
diff changeset
   453
8904
030463e2b620 [ldap] Major test refactoring
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents: 8903
diff changeset
   454
1802
d628defebc17 delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 1398
diff changeset
   455
360
600dd2fe8b40 backport unittest_ldapuser
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
diff changeset
   456
if __name__ == '__main__':
600dd2fe8b40 backport unittest_ldapuser
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
diff changeset
   457
    unittest_main()