Server IP : 85.214.239.14 / Your IP : 3.147.82.22 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /srv/modoboa/env/lib64/python3.5/site-packages/modoboa/core/tests/ |
Upload File : |
"""Tests for core application.""" from unittest import skipIf from django.test import override_settings from django.urls import reverse from django.utils.functional import cached_property from modoboa.lib import exceptions from modoboa.lib.tests import NO_LDAP, ModoTestCase from .. import factories, models @skipIf(NO_LDAP, "No ldap module installed") class LDAPTestCaseMixin(object): """Set of methods used to test LDAP features.""" @cached_property def ldapauthbackend(self): """Return LDAPAuthBackend instance.""" from modoboa.lib.ldap_utils import LDAPAuthBackend return LDAPAuthBackend() def activate_ldap_authentication(self): """Modify settings.""" self.set_global_parameters({ "authentication_type": "ldap", "ldap_server_port": 3389 }) def restore_user_password(self, username, new_password): """Restore user password to its initial state.""" for password in ["Toto1234", "test"]: try: self.ldapauthbackend.update_user_password( username, password, new_password) except exceptions.InternalError: pass else: return raise RuntimeError("Can't restore user password.") def authenticate(self, user, password, restore_before=True): """Restore password and authenticate user.""" self.client.logout() if restore_before: self.restore_user_password(user, password) self.assertTrue( self.client.login(username=user, password=password)) def searchbind_mode(self): """Apply settings required by the searchbind mode.""" self.set_global_parameters({ "ldap_auth_method": "searchbind", "ldap_bind_dn": "cn=admin,dc=example,dc=com", "ldap_bind_password": "test", "ldap_search_base": "ou=users,dc=example,dc=com" }) def directbind_mode(self): """Apply settings required by the directbind mode.""" self.set_global_parameters({ "ldap_auth_method": "directbind", "ldap_user_dn_template": "cn=%(user)s,ou=users,dc=example,dc=com" }) @override_settings(AUTHENTICATION_BACKENDS=( "modoboa.lib.authbackends.LDAPBackend", "django.contrib.auth.backends.ModelBackend" )) class LDAPAuthenticationTestCase(LDAPTestCaseMixin, ModoTestCase): """Validate LDAP authentication scenarios.""" def setUp(self): """Create test data.""" super(LDAPAuthenticationTestCase, self).setUp() self.activate_ldap_authentication() def check_created_user(self, username, group="SimpleUsers", with_mb=True): """Check that created user is valid.""" user = models.User.objects.get(username=username) self.assertEqual(user.role, group) if with_mb: self.assertEqual(user.email, username) self.assertEqual(user.mailbox.domain.name, "example.com") self.assertEqual(user.mailbox.full_address, username) @override_settings(AUTH_LDAP_USER_DN_TEMPLATE=None) def test_searchbind_authentication(self): """Test the bind&search method.""" self.searchbind_mode() username = "testuser@example.com" self.authenticate(username, "test") self.check_created_user(username) self.set_global_parameters({ "ldap_admin_groups": "admins", "ldap_groups_search_base": "ou=groups,dc=example,dc=com" }) username = "mailadmin@example.com" self.authenticate(username, "test", False) self.check_created_user(username, "DomainAdmins") def test_directbind_authentication(self): """Test the directbind method.""" self.client.logout() self.directbind_mode() username = "testuser" self.client.login(username=username, password="test") self.check_created_user(username + "@example.com") # 1: must work because usernames of domain admins are not # always email addresses self.set_global_parameters({ "ldap_admin_groups": "admins", "ldap_groups_search_base": "ou=groups,dc=example,dc=com" }) username = "mailadmin" self.authenticate(username, "test", False) self.check_created_user("mailadmin@example.com", "DomainAdmins", False) class ProfileTestCase(LDAPTestCaseMixin, ModoTestCase): """Profile related tests.""" @classmethod def setUpTestData(cls): # NOQA:N802 """Create test data.""" super(ProfileTestCase, cls).setUpTestData() cls.account = factories.UserFactory( username="user@test.com", groups=("SimpleUsers",) ) @override_settings(AUTHENTICATION_BACKENDS=( "modoboa.lib.authbackends.LDAPBackend", "django.contrib.auth.backends.ModelBackend" )) def test_update_password_ldap(self): """Update password for an LDAP user.""" self.activate_ldap_authentication() self.searchbind_mode() username = "testuser@example.com" self.authenticate(username, "test") self.ajax_post( reverse("core:user_profile"), {"language": "en", "oldpassword": "test", "newpassword": "Toto1234", "confirmation": "Toto1234"} ) self.authenticate(username, "Toto1234", False)