Compare commits
2 Commits
e0bbe02bc1
...
2855163948
Author | SHA1 | Date | |
---|---|---|---|
2855163948 | |||
0c7821cbe5 |
|
@ -32,7 +32,7 @@ def extract_csrf_token(response):
|
||||||
|
|
||||||
def headless_login(client, user='gandalf@shire.me', password='shadowfax'):
|
def headless_login(client, user='gandalf@shire.me', password='shadowfax'):
|
||||||
# extract csrf token from the login page source
|
# extract csrf token from the login page source
|
||||||
response = client.get('/login')
|
response = client.get('/login', follow_redirects=True)
|
||||||
csrf_token = extract_csrf_token(response)
|
csrf_token = extract_csrf_token(response)
|
||||||
|
|
||||||
# send login information
|
# send login information
|
||||||
|
@ -53,6 +53,65 @@ def test_login_headless(client):
|
||||||
for link in soup.findAll('a', attrs={'class': ['btn'], 'role': 'button'})])
|
for link in soup.findAll('a', attrs={'class': ['btn'], 'role': 'button'})])
|
||||||
|
|
||||||
|
|
||||||
|
def test_login_ldap(client, temp_user, mocker):
|
||||||
|
# mock ldap validation for admin user
|
||||||
|
def mock_validate(username, password):
|
||||||
|
auth = username == temp_user['username'] and password == temp_user['password']
|
||||||
|
user_data = {'username': temp_user['username'],
|
||||||
|
'email': temp_user['email'],
|
||||||
|
'roles': ['admin'],
|
||||||
|
'password': temp_user['password']}
|
||||||
|
return auth, user_data
|
||||||
|
mocker.patch('imaginaerraum_door_admin.auth.validate_ldap', mock_validate)
|
||||||
|
|
||||||
|
user = find_user(temp_user['username'])
|
||||||
|
# remove local role so that ldap authentication is the default
|
||||||
|
user.roles.pop(0)
|
||||||
|
|
||||||
|
# log out admin user
|
||||||
|
client.get('/logout')
|
||||||
|
|
||||||
|
# log in temp user using ldap
|
||||||
|
response = headless_login(client, user=temp_user['username'],
|
||||||
|
password=temp_user['password'])
|
||||||
|
soup = BeautifulSoup(response.data, 'html.parser')
|
||||||
|
|
||||||
|
# make sure login succeeded -> Tür öffnen button will appear
|
||||||
|
assert any(['Tür öffnen' in link.contents[0]
|
||||||
|
for link in soup.findAll('a', attrs={'class': ['btn'],
|
||||||
|
'role': 'button'})])
|
||||||
|
|
||||||
|
|
||||||
|
def test_login_ldap_new_user(client, mocker):
|
||||||
|
# mock ldap validation for admin user
|
||||||
|
def mock_validate(username, password):
|
||||||
|
auth = True
|
||||||
|
user_data = {'username': 'Balrog',
|
||||||
|
'email': 'balrog@moria.me',
|
||||||
|
'roles': ['admin'],
|
||||||
|
'password': 'youshallnotpass'}
|
||||||
|
return auth, user_data
|
||||||
|
mocker.patch('imaginaerraum_door_admin.auth.validate_ldap', mock_validate)
|
||||||
|
|
||||||
|
# initially, the Balrog user should not exist
|
||||||
|
user = find_user('Balrog')
|
||||||
|
assert user is None
|
||||||
|
|
||||||
|
# log in temp user using ldap -> this will succeed and create a local user
|
||||||
|
response = headless_login(client, user='Balrog',
|
||||||
|
password='youshallnotpass')
|
||||||
|
soup = BeautifulSoup(response.data, 'html.parser')
|
||||||
|
|
||||||
|
# make sure user is now created locally
|
||||||
|
user = find_user('Balrog')
|
||||||
|
assert user is not None
|
||||||
|
|
||||||
|
# make sure login succeeded -> Tür öffnen button will appear
|
||||||
|
assert any(['Tür öffnen' in link.contents[0]
|
||||||
|
for link in soup.findAll('a', attrs={'class': ['btn'],
|
||||||
|
'role': 'button'})])
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def client_authenticated(client):
|
def client_authenticated(client):
|
||||||
# log in using admin account for testing
|
# log in using admin account for testing
|
||||||
|
@ -210,6 +269,12 @@ def test_activate_deactivate_user(temp_user, client_authenticated):
|
||||||
assert user is not None
|
assert user is not None
|
||||||
assert user.active
|
assert user.active
|
||||||
|
|
||||||
|
# test deactivating super admin
|
||||||
|
response = client_authenticated.get(f"/admin_toggle_active/gandalf",
|
||||||
|
follow_redirects=True)
|
||||||
|
assert 'Super-Admins können nicht deaktiviert werden!' \
|
||||||
|
in response.data.decode()
|
||||||
|
|
||||||
|
|
||||||
def test_delete_admin(temp_user, client_authenticated):
|
def test_delete_admin(temp_user, client_authenticated):
|
||||||
# first we test deleting a non-existing user
|
# first we test deleting a non-existing user
|
||||||
|
|
Loading…
Reference in New Issue
Block a user