test_saml.py 5.14 KB
Newer Older
1
# copyright 2019-2022 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
Aurelien Lubert's avatar
Aurelien Lubert committed
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# contact http://www.logilab.fr -- mailto:contact@logilab.fr
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation, either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.

17
18
from mock import patch
from pyramid import testing
Aurelien Lubert's avatar
Aurelien Lubert committed
19

20
from cubicweb import ValidationError, NoResultError
21
from cubicweb.devtools import testlib
Aurelien Lubert's avatar
Aurelien Lubert committed
22

23
from cubicweb_saml.utils import (build_base_url,
24
25
26
                                 execute_rql,
                                 find_group_by_name,
                                 find_user_by_login,
27
28
                                 generate_hash,
                                 get_user,
29
30
                                 register_user,
                                 register_user_into_db)
Aurelien Lubert's avatar
Aurelien Lubert committed
31
32


33
class _SAMLCommonTC(testlib.CubicWebTC):
Aurelien Lubert's avatar
Aurelien Lubert committed
34

35
    def setUp(self):
36
        super(_SAMLCommonTC, self).setUp()
Aurelien Lubert's avatar
Aurelien Lubert committed
37

38
39
40
        self.request = testing.DummyRequest(post={'SAMLResponse': ''})
        self.request.registry['cubicweb.config'] = self.config
        self.request.registry['cubicweb.repository'] = self.repo
Aurelien Lubert's avatar
Aurelien Lubert committed
41

42
43
44

class SAMLUtilsTC(_SAMLCommonTC):

45
46
    def test_build_base_url(self):
        config = self.vreg.config
Aurelien Lubert's avatar
Aurelien Lubert committed
47

48
49
50
51
52
53
54
55
56
57
58
59
60
61
        self.assertEqual(
            build_base_url(config), 'http://testing.fr/cubicweb/')

        config['base-url'] = 'http://url.without.backslash'

        self.assertEqual(
            build_base_url(config), 'http://url.without.backslash/')

    def test_generate_hash(self):
        self.assertNotEqual(generate_hash('example'),
                            generate_hash('example'))

        self.assertIsNotNone(generate_hash('example', 'with', 'arguments'))

62
63
64

class SAMLDatabaseTC(_SAMLCommonTC):

65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
    def test_execute_rql(self):
        with self.admin_access.repo_cnx() as cnx:
            self.assertIsNone(execute_rql(
                cnx,
                "Any U WHERE U is CWUser, U login %(login)s",
                login="CubicWeb"))

            rset = execute_rql(cnx, "Any U WHERE U is CWUser, U login 'admin'")
            self.assertIsInstance(rset, int)
            self.assertEqual(rset, 6)

    def test_find_user_by_login(self):
        with self.admin_access.repo_cnx() as cnx:
            user_eid = register_user_into_db(cnx, "test", "managers", "psswd")

            find_eid = find_user_by_login(cnx, "test")
            self.assertEqual(user_eid, find_eid)

    def test_find_group_by_name(self):
        with self.admin_access.repo_cnx() as cnx:
            self.assertIsNotNone(find_group_by_name(cnx, "managers"))
            self.assertIsNotNone(find_group_by_name(cnx, "users"))
            self.assertIsNone(find_group_by_name(cnx, "watchmen"))

    def test_register_an_user_into_db(self):
        with self.admin_access.repo_cnx() as cnx:
            with self.assertRaises(NoResultError):
                cnx.execute("Any U WHERE U is CWUser, U login 'test'").one()

            user_eid = register_user_into_db(cnx, "test", "managers", "psswd")
            self.assertIsInstance(user_eid, int)

            user = cnx.entity_from_eid(user_eid)
            self.assertEqual(user.login, "test")
            self.assertIn("managers", user.groups)


class SAMLResponseTC(_SAMLCommonTC):

104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
    def test_get_an_unknown_user(self):
        with patch('cubicweb_saml.utils.retrieve_identity_from_client',
                   return_value=('unknown_user', {})):

            self.assertIsNone(get_user(self.request))

    def test_get_an_existing_user(self):
        with self.admin_access.repo_cnx() as cnx:
            user = self.create_user(cnx, 'saml_user')

            with patch('cubicweb_saml.utils.retrieve_identity_from_client',
                       return_value=('saml_user', {})):

                userid = get_user(self.request)

                self.assertEqual(userid, user.eid)

    def test_register_a_new_user(self):
        with patch('cubicweb_saml.utils.retrieve_identity_from_client',
                   return_value=('saml_user', {})):

            self.assertIsNone(get_user(self.request))

            userid = register_user(self.request)

            self.assertIsNotNone(userid)
            self.assertEqual(get_user(self.request), userid)

    def test_register_an_existing_user(self):
        with self.admin_access.repo_cnx() as cnx:
            self.create_user(cnx, 'saml_user')

            with patch('cubicweb_saml.utils.retrieve_identity_from_client',
                       return_value=('saml_user', {})):
Aurelien Lubert's avatar
Aurelien Lubert committed
138

139
                self.assertIsNotNone(get_user(self.request))
Aurelien Lubert's avatar
Aurelien Lubert committed
140

141
142
                with self.assertRaises(ValidationError):
                    register_user(self.request)
Aurelien Lubert's avatar
Aurelien Lubert committed
143
144
145
146
147


if __name__ == '__main__':
    from unittest import main
    main()