[1.5.x] Fixed #19057 (again) -- added additional tests
This commit is contained in:
parent
e784b5e594
commit
402a986c25
|
@ -21,17 +21,12 @@ def check_password(environ, username, password):
|
||||||
user = UserModel.objects.get_by_natural_key(username)
|
user = UserModel.objects.get_by_natural_key(username)
|
||||||
except UserModel.DoesNotExist:
|
except UserModel.DoesNotExist:
|
||||||
return None
|
return None
|
||||||
try:
|
if not user.is_active:
|
||||||
if not user.is_active:
|
|
||||||
return None
|
|
||||||
except AttributeError as e:
|
|
||||||
# a custom user may not support is_active
|
|
||||||
return None
|
return None
|
||||||
return user.check_password(password)
|
return user.check_password(password)
|
||||||
finally:
|
finally:
|
||||||
db.close_connection()
|
db.close_connection()
|
||||||
|
|
||||||
|
|
||||||
def groups_for_user(environ, username):
|
def groups_for_user(environ, username):
|
||||||
"""
|
"""
|
||||||
Authorizes a user based on groups
|
Authorizes a user based on groups
|
||||||
|
|
|
@ -2,31 +2,23 @@ from __future__ import unicode_literals
|
||||||
|
|
||||||
from django.contrib.auth.handlers.modwsgi import check_password, groups_for_user
|
from django.contrib.auth.handlers.modwsgi import check_password, groups_for_user
|
||||||
from django.contrib.auth.models import User, Group
|
from django.contrib.auth.models import User, Group
|
||||||
|
from django.contrib.auth.tests import CustomUser
|
||||||
from django.contrib.auth.tests.utils import skipIfCustomUser
|
from django.contrib.auth.tests.utils import skipIfCustomUser
|
||||||
from django.test import TransactionTestCase
|
from django.test import TransactionTestCase
|
||||||
|
from django.test.utils import override_settings
|
||||||
|
|
||||||
|
|
||||||
class ModWsgiHandlerTestCase(TransactionTestCase):
|
class ModWsgiHandlerTestCase(TransactionTestCase):
|
||||||
"""
|
"""
|
||||||
Tests for the mod_wsgi authentication handler
|
Tests for the mod_wsgi authentication handler
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def setUp(self):
|
|
||||||
user1 = User.objects.create_user('test', 'test@example.com', 'test')
|
|
||||||
User.objects.create_user('test1', 'test1@example.com', 'test1')
|
|
||||||
group = Group.objects.create(name='test_group')
|
|
||||||
user1.groups.add(group)
|
|
||||||
|
|
||||||
@skipIfCustomUser
|
@skipIfCustomUser
|
||||||
def test_check_password(self):
|
def test_check_password(self):
|
||||||
"""
|
"""
|
||||||
Verify that check_password returns the correct values as per
|
Verify that check_password returns the correct values as per
|
||||||
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
|
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
|
||||||
|
|
||||||
because the custom user available in the test framework does not
|
|
||||||
support the is_active attribute, we can't test this with a custom
|
|
||||||
user.
|
|
||||||
"""
|
"""
|
||||||
|
User.objects.create_user('test', 'test@example.com', 'test')
|
||||||
|
|
||||||
# User not in database
|
# User not in database
|
||||||
self.assertTrue(check_password({}, 'unknown', '') is None)
|
self.assertTrue(check_password({}, 'unknown', '') is None)
|
||||||
|
@ -34,15 +26,43 @@ class ModWsgiHandlerTestCase(TransactionTestCase):
|
||||||
# Valid user with correct password
|
# Valid user with correct password
|
||||||
self.assertTrue(check_password({}, 'test', 'test'))
|
self.assertTrue(check_password({}, 'test', 'test'))
|
||||||
|
|
||||||
|
# correct password, but user is inactive
|
||||||
|
User.objects.filter(username='test').update(is_active=False)
|
||||||
|
self.assertFalse(check_password({}, 'test', 'test'))
|
||||||
|
|
||||||
# Valid user with incorrect password
|
# Valid user with incorrect password
|
||||||
self.assertFalse(check_password({}, 'test', 'incorrect'))
|
self.assertFalse(check_password({}, 'test', 'incorrect'))
|
||||||
|
|
||||||
|
@override_settings(AUTH_USER_MODEL='auth.CustomUser')
|
||||||
|
def test_check_password_custom_user(self):
|
||||||
|
"""
|
||||||
|
Verify that check_password returns the correct values as per
|
||||||
|
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
|
||||||
|
|
||||||
|
with custom user installed
|
||||||
|
"""
|
||||||
|
|
||||||
|
CustomUser.objects.create_user('test@example.com', '1990-01-01', 'test')
|
||||||
|
|
||||||
|
# User not in database
|
||||||
|
self.assertTrue(check_password({}, 'unknown', '') is None)
|
||||||
|
|
||||||
|
# Valid user with correct password'
|
||||||
|
self.assertTrue(check_password({}, 'test@example.com', 'test'))
|
||||||
|
|
||||||
|
# Valid user with incorrect password
|
||||||
|
self.assertFalse(check_password({}, 'test@example.com', 'incorrect'))
|
||||||
|
|
||||||
@skipIfCustomUser
|
@skipIfCustomUser
|
||||||
def test_groups_for_user(self):
|
def test_groups_for_user(self):
|
||||||
"""
|
"""
|
||||||
Check that groups_for_user returns correct values as per
|
Check that groups_for_user returns correct values as per
|
||||||
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Group_Authorisation
|
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Group_Authorisation
|
||||||
"""
|
"""
|
||||||
|
user1 = User.objects.create_user('test', 'test@example.com', 'test')
|
||||||
|
User.objects.create_user('test1', 'test1@example.com', 'test1')
|
||||||
|
group = Group.objects.create(name='test_group')
|
||||||
|
user1.groups.add(group)
|
||||||
|
|
||||||
# User not in database
|
# User not in database
|
||||||
self.assertEqual(groups_for_user({}, 'unknown'), [])
|
self.assertEqual(groups_for_user({}, 'unknown'), [])
|
||||||
|
|
Loading…
Reference in New Issue