paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-02 04:53:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

ldap tests: Put django_to_ldap tests in DjangoToLDAPUsernameTests.

Browse Source 
test_auth_backends had a few random django_to_ldap_username tests laying
around, they belong in DjangoToLDAPUsernameTests.
This commit is contained in:
Mateusz Mandera
2019-11-01 23:11:14 +01:00
committed by Tim Abbott
parent 9f330fba8e
commit bb3ddb9576
2 changed files with 24 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
zerver/tests/test_auth_backends.py
View File

@@ -54,7 +54,7 @@ from zproject.backends import ZulipDummyBackend, EmailAuthBackend, \
ZulipLDAPUserPopulator, DevAuthBackend, GitHubAuthBackend, ZulipAuthMixin, \
dev_auth_enabled, password_auth_enabled, github_auth_enabled, google_auth_enabled, \
require_email_format_usernames, AUTH_BACKEND_NAME_MAP, \
ZulipLDAPConfigurationError, ZulipLDAPExceptionOutsideDomain, \
ZulipLDAPConfigurationError, \
ZulipLDAPException, query_ldap, sync_user_from_ldap, SocialAuthMixin, \
PopulateUserLDAPError, SAMLAuthBackend, saml_auth_enabled, email_belongs_to_ldap, \
get_social_backend_dicts, AzureADAuthBackend
@@ -2535,52 +2535,6 @@ class TestLDAP(ZulipLDAPTestCase):
self.assertTrue(backend.get_all_permissions(None, None) == set())
self.assertTrue(backend.get_group_permissions(None, None) == set())
@override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.ZulipLDAPAuthBackend',))
def test_django_to_ldap_username_without_append_domain(self) -> None:
backend = self.backend
with self.settings(
AUTH_LDAP_REVERSE_EMAIL_SEARCH = LDAPSearch("ou=users,dc=zulip,dc=com",
ldap.SCOPE_ONELEVEL,
"(uid=%(email)s)")
):
self.mock_ldap.directory = {
'uid="hamlet@test"@zulip.com",ou=users,dc=zulip,dc=com': {
"cn": ["King Hamlet"],
"uid": ['"hamlet@test"@zulip.com'],
}
}
username = backend.django_to_ldap_username('"hamlet@test"@zulip.com')
self.assertEqual(username, '"hamlet@test"@zulip.com')
@override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.ZulipLDAPAuthBackend',))
def test_django_to_ldap_username_with_append_domain(self) -> None:
backend = self.backend
with self.settings(LDAP_APPEND_DOMAIN='zulip.com'):
self.mock_ldap.directory = {
'uid="hamlet@test",ou=users,dc=zulip,dc=com': {
"cn": ["King Hamlet"],
"uid": ['"hamlet@test"'],
}
}
username = backend.django_to_ldap_username('"hamlet@test"@zulip.com')
self.assertEqual(username, '"hamlet@test"')
self.mock_ldap.directory = {
'uid="hamlet@test"@zulip,ou=users,dc=zulip,dc=com': {
"cn": ["King Hamlet"],
"uid": ['"hamlet@test"@zulip'],
}
}
username = backend.django_to_ldap_username('"hamlet@test"@zulip')
self.assertEqual(username, '"hamlet@test"@zulip')
@override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.ZulipLDAPAuthBackend',))
def test_django_to_ldap_username_with_invalid_domain(self) -> None:
backend = self.backend
with self.settings(LDAP_APPEND_DOMAIN='zulip.com'), \
self.assertRaises(ZulipLDAPExceptionOutsideDomain):
backend.django_to_ldap_username('"hamlet@test"@test.com')
@override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.ZulipLDAPAuthBackend',))
def test_user_email_from_ldapuser_with_append_domain(self) -> None:
backend = self.backend
@@ -2693,14 +2647,6 @@ class TestLDAP(ZulipLDAPTestCase):
with self.assertRaisesRegex(Exception, "Missing required mapping for user's full name"):
backend.get_or_build_user(email, _LDAPUser())
@override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.ZulipLDAPAuthBackend',))
def test_django_to_ldap_username_when_domain_does_not_match(self) -> None:
backend = self.backend
email = self.example_email("hamlet")
with self.assertRaisesRegex(Exception, 'Email hamlet@zulip.com does not match LDAP domain acme.com.'):
with self.settings(LDAP_APPEND_DOMAIN='acme.com'):
backend.django_to_ldap_username(email)
@override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.ZulipLDAPAuthBackend',))
def test_login_failure_when_domain_does_not_match(self) -> None:
with self.settings(LDAP_APPEND_DOMAIN='acme.com'):

24
zerver/tests/test_ldap.py
View File

@@ -26,9 +26,24 @@ class DjangoToLDAPUsernameTests(ZulipTestCase):
with self.settings(LDAP_APPEND_DOMAIN="zulip.com"):
self.assertEqual(self.backend.django_to_ldap_username("hamlet"), "hamlet")
self.assertEqual(self.backend.django_to_ldap_username("hamlet@zulip.com"), "hamlet")
with self.assertRaises(ZulipLDAPExceptionOutsideDomain):
with self.assertRaisesRegex(ZulipLDAPExceptionOutsideDomain,
'Email hamlet@example.com does not match LDAP domain zulip.com.'):
self.backend.django_to_ldap_username("hamlet@example.com")
self.mock_ldap.directory['uid="hamlet@test",ou=users,dc=zulip,dc=com'] = {
"cn": ["King Hamlet"],
"uid": ['"hamlet@test"'],
}
username = self.backend.django_to_ldap_username('"hamlet@test"@zulip.com')
self.assertEqual(username, '"hamlet@test"')
self.mock_ldap.directory['uid="hamlet@test"@zulip,ou=users,dc=zulip,dc=com'] = {
"cn": ["King Hamlet"],
"uid": ['"hamlet@test"@zulip'],
}
username = self.backend.django_to_ldap_username('"hamlet@test"@zulip')
self.assertEqual(username, '"hamlet@test"@zulip')
def test_django_to_ldap_username_without_email_search(self) -> None:
with self.settings(AUTH_LDAP_REVERSE_EMAIL_SEARCH=None):
self.assertEqual(self.backend.django_to_ldap_username("hamlet"), "hamlet")
@@ -73,6 +88,13 @@ class DjangoToLDAPUsernameTests(ZulipTestCase):
self.assertEqual(self.backend.django_to_ldap_username("newuser_email_as_uid@zulip.com"),
"newuser_email_as_uid@zulip.com")
self.mock_ldap.directory['uid="hamlet@test"@zulip.com",ou=users,dc=zulip,dc=com'] = {
"cn": ["King Hamlet"],
"uid": ['"hamlet@test"@zulip.com'],
}
username = self.backend.django_to_ldap_username('"hamlet@test"@zulip.com')
self.assertEqual(username, '"hamlet@test"@zulip.com')
@override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.EmailAuthBackend',
'zproject.backends.ZulipLDAPAuthBackend',))
def test_authenticate_to_ldap_via_email(self) -> None: