diff options
author | Theo Chatzimichos <tampakrap@gentoo.org> | 2013-08-25 12:06:14 +0200 |
---|---|---|
committer | Theo Chatzimichos <tampakrap@gentoo.org> | 2013-08-26 00:17:15 +0200 |
commit | eccde927d0110f84c02f0816710bce343da53b67 (patch) | |
tree | b825444e7af1596a49dc4db0ddf0fb98583607f7 | |
parent | Add flake8 support in runtests (diff) | |
download | identity.gentoo.org-eccde927d0110f84c02f0816710bce343da53b67.tar.gz identity.gentoo.org-eccde927d0110f84c02f0816710bce343da53b67.tar.bz2 identity.gentoo.org-eccde927d0110f84c02f0816710bce343da53b67.zip |
Fix flake8 errors
-rw-r--r-- | okupy/accounts/forms.py | 3 | ||||
-rw-r--r-- | okupy/accounts/openid_store.py | 3 | ||||
-rw-r--r-- | okupy/accounts/urls.py | 12 | ||||
-rw-r--r-- | okupy/accounts/views.py | 39 | ||||
-rw-r--r-- | okupy/common/decorators.py | 2 | ||||
-rw-r--r-- | okupy/common/ldap_helpers.py | 6 | ||||
-rw-r--r-- | okupy/common/ssh.py | 6 | ||||
-rw-r--r-- | okupy/otp/__init__.py | 1 | ||||
-rw-r--r-- | okupy/otp/sotp/models.py | 2 | ||||
-rw-r--r-- | okupy/otp/totp/models.py | 4 | ||||
-rw-r--r-- | okupy/tests/integration/__init__.py | 1 | ||||
-rw-r--r-- | okupy/tests/integration/test_index.py | 6 | ||||
-rw-r--r-- | okupy/tests/integration/test_lists.py | 3 | ||||
-rw-r--r-- | okupy/tests/integration/test_login.py | 4 | ||||
-rw-r--r-- | okupy/tests/integration/test_signup.py | 1 | ||||
-rw-r--r-- | okupy/tests/unit/test_lists.py | 17 | ||||
-rw-r--r-- | okupy/tests/unit/test_login.py | 62 | ||||
-rw-r--r-- | okupy/tests/unit/test_openid.py | 16 | ||||
-rw-r--r-- | okupy/tests/unit/test_secondary_password.py | 82 | ||||
-rw-r--r-- | okupy/tests/unit/test_signup.py | 136 | ||||
-rw-r--r-- | okupy/tests/unit/test_ssh.py | 7 | ||||
-rw-r--r-- | okupy/tests/vars.py | 36 | ||||
-rw-r--r-- | okupy/urls.py | 3 | ||||
-rw-r--r-- | okupy/wsgi.py | 1 |
24 files changed, 299 insertions, 154 deletions
diff --git a/okupy/accounts/forms.py b/okupy/accounts/forms.py index a5a7b25..8997e1c 100644 --- a/okupy/accounts/forms.py +++ b/okupy/accounts/forms.py @@ -18,7 +18,8 @@ class StrongAuthForm(forms.Form): class OpenIDLoginForm(LoginForm): - auto_logout = forms.BooleanField(required=False, + auto_logout = forms.BooleanField( + required=False, label='Log out after answering the OpenID request') diff --git a/okupy/accounts/openid_store.py b/okupy/accounts/openid_store.py index cce93f7..b58fce7 100644 --- a/okupy/accounts/openid_store.py +++ b/okupy/accounts/openid_store.py @@ -3,7 +3,6 @@ import base64 import calendar import datetime -import time from django.db import IntegrityError from django.utils import timezone @@ -66,7 +65,7 @@ class DjangoDBOpenIDStore(OpenIDStore): assert(server_uri is not None) assert(handle is not None) - objs = self._db_getAssocs(server_uri, handle) + self._db_getAssocs(server_uri, handle) # determining whether something was deleted is a waste of time # and django doesn't give us explicit 'affected rows' diff --git a/okupy/accounts/urls.py b/okupy/accounts/urls.py index 345596b..86b158b 100644 --- a/okupy/accounts/urls.py +++ b/okupy/accounts/urls.py @@ -3,14 +3,18 @@ from django.conf.urls import patterns, url from okupy.accounts import views as v -accounts_urlpatterns = patterns('', +accounts_urlpatterns = patterns( + '', url(r'^$', v.index, name="index"), url(r'^login/$', v.login), url(r'^ssl-auth/$', v.ssl_auth), url(r'^logout/$', v.logout, name="logout"), - url(r'^devlist/$', v.lists, {'acc_list': 'devlist'}, name="active_developers"), - url(r'^former-devlist/$', v.lists, {'acc_list': 'former-devlist'}, name="former_developers"), - url(r'^foundation-members/$', v.lists, {'acc_list': 'foundation-members'}, name="foundation_members"), + url(r'^devlist/$', v.lists, {'acc_list': 'devlist'}, + name="active_developers"), + url(r'^former-devlist/$', v.lists, {'acc_list': 'former-devlist'}, + name="former_developers"), + url(r'^foundation-members/$', v.lists, {'acc_list': 'foundation-members'}, + name="foundation_members"), url(r'^signup/$', v.signup), url(r'^activate/(?P<token>[a-zA-Z0-9-_]+)/$', v.activate), url(r'^otp-setup/$', v.otp_setup), diff --git a/okupy/accounts/views.py b/okupy/accounts/views.py index e5acdc0..fc96f55 100644 --- a/okupy/accounts/views.py +++ b/okupy/accounts/views.py @@ -11,10 +11,8 @@ from django.forms.models import model_to_dict from django.http import (HttpResponse, HttpResponseForbidden, HttpResponseBadRequest) from django.views.decorators.cache import cache_page -from django.views.generic.base import View from django.shortcuts import redirect, render from django.utils.html import format_html -from django.utils.http import urlencode from django.views.decorators.csrf import csrf_exempt from django.views.decorators.http import require_POST from django_otp.decorators import otp_required @@ -25,7 +23,7 @@ from openid.server.server import (Server, ProtocolError, EncodingError, CheckIDRequest, ENCODE_URL, ENCODE_KVFORM, ENCODE_HTML_FORM) from passlib.hash import ldap_md5_crypt -from urlparse import urljoin, urlparse, parse_qsl +from urlparse import urljoin from okupy import OkupyError from okupy.accounts.forms import (LoginForm, OpenIDLoginForm, SSLCertLoginForm, @@ -49,14 +47,13 @@ import openid.yadis.discover import openid.fetchers import django_otp import io -import ldap -import ldap.modlist as modlist import logging import qrcode logger = logging.getLogger('okupy') logger_mail = logging.getLogger('mail_okupy') + @cache_page(60 * 20) def lists(request, acc_list): devlist = LDAPUser.objects.all() @@ -68,6 +65,7 @@ def lists(request, acc_list): devlist = devlist.filter(is_foundation=True) return render(request, '%s.html' % acc_list, {'devlist': devlist}) + @otp_required def index(request): ldb_user = LDAPUser.objects.filter(username=request.user.username) @@ -228,7 +226,7 @@ def ssl_auth(request): if user and user.is_active: _login(request, user) init_otp(request) - if request.user.is_verified(): # OTP disabled + if request.user.is_verified(): # OTP disabled next_uri = ssl_auth_form.cleaned_data['next'] else: messages.error(request, 'Certificate authentication failed') @@ -268,7 +266,7 @@ def signup(request): if signup_form.is_valid(): try: try: - user = LDAPUser.objects.get( + LDAPUser.objects.get( username=signup_form.cleaned_data['username']) except LDAPUser.DoesNotExist: pass @@ -279,7 +277,7 @@ def signup(request): else: raise OkupyError('Username already exists') try: - user = LDAPUser.objects.get( + LDAPUser.objects.get( email__contains=signup_form.cleaned_data['email']) except LDAPUser.DoesNotExist: pass @@ -327,7 +325,7 @@ def activate(request, token): """ try: try: - queued_user = Queue.objects.get(encrypted_id=token) + queued = Queue.objects.get(encrypted_id=token) except (Queue.DoesNotExist, OverflowError, TypeError, ValueError): raise OkupyError('Invalid URL') except Exception as error: @@ -346,21 +344,21 @@ def activate(request, token): # add account to ldap new_user = LDAPUser( object_class=settings.AUTH_LDAP_USER_OBJECTCLASS, - last_name=queued_user.last_name, - full_name='%s %s' % (queued_user.first_name, queued_user.last_name), - password=[ldap_md5_crypt.encrypt(queued_user.password)], - first_name=queued_user.first_name, - email=[queued_user.email], - username=queued_user.username, + last_name=queued.last_name, + full_name='%s %s' % (queued.first_name, queued.last_name), + password=[ldap_md5_crypt.encrypt(queued.password)], + first_name=queued.first_name, + email=[queued.email], + username=queued.username, uid=uidnumber, gid=100, - gecos='%s %s' % (queued_user.first_name, queued_user.last_name), - home_directory='/home/%s' % queued_user.username, + gecos='%s %s' % (queued.first_name, queued.last_name), + home_directory='/home/%s' % queued.username, ACL=['user.group'], ) new_user.save() # remove queued account from DB - queued_user.delete() + queued.delete() messages.success( request, "Your account has been activated successfully") except OkupyError as error: @@ -412,11 +410,12 @@ def otp_setup(request): skeys = sdev.gen_keys(user) messages.info(request, 'Your old recovery keys have been revoked.') elif 'cancel' in request.POST: - messages.info(request, 'Secret change aborted. Previous settings are in effect.') + messages.info(request, 'Secret change aborted. Previous settings' + 'are in effect.') if secret: # into groups of four characters - secret = ' '.join([secret[i:i+4] + secret = ' '.join([secret[i:i + 4] for i in range(0, len(secret), 4)]) if skeys: # xxx xx xxx diff --git a/okupy/common/decorators.py b/okupy/common/decorators.py index e69c02d..d71b651 100644 --- a/okupy/common/decorators.py +++ b/okupy/common/decorators.py @@ -44,7 +44,7 @@ def strong_auth_required(function=None, login_scheme, login_netloc = urlparse(resolved_login_url)[:2] current_scheme, current_netloc = urlparse(path)[:2] if ((not login_scheme or login_scheme == current_scheme) and - (not login_netloc or login_netloc == current_netloc)): + (not login_netloc or login_netloc == current_netloc)): path = request.get_full_path() return redirect_to_login( path, resolved_login_url, redirect_field_name) diff --git a/okupy/common/ldap_helpers.py b/okupy/common/ldap_helpers.py index 817c786..27bc813 100644 --- a/okupy/common/ldap_helpers.py +++ b/okupy/common/ldap_helpers.py @@ -4,8 +4,9 @@ from base64 import b64encode from Crypto import Random from passlib.hash import ldap_md5_crypt -from okupy.crypto.ciphers import cipher +from okupy import OkupyError from okupy.accounts.models import LDAPUser +from okupy.crypto.ciphers import cipher def get_bound_ldapuser(request, password=None): @@ -20,7 +21,8 @@ def get_bound_ldapuser(request, password=None): password = b64encode(cipher.decrypt( request.session['secondary_password'], 48)) except KeyError: - raise OkupyError('Secondary password not available (no strong auth?)') + raise OkupyError( + 'Secondary password not available (no strong auth?)') bound_cls = LDAPUser.bind_as( alias='ldap_%s' % username, diff --git a/okupy/common/ssh.py b/okupy/common/ssh.py index 1c4a49a..c5f3ad0 100644 --- a/okupy/common/ssh.py +++ b/okupy/common/ssh.py @@ -44,7 +44,7 @@ class SSHServer(paramiko.ServerInterface): h = settings.SSH_HANDLERS[cmd] # this is an easy way of checking if we have correct args inspect.getcallargs(h, *args, key=key) - except (KeyError, TypeError) as e: + except (KeyError, TypeError): pass else: ret = h(*args, key=key) @@ -76,7 +76,7 @@ class SSHServer(paramiko.ServerInterface): return True def check_channel_pty_request(self, channel, term, width, height, - pixelwidth, pixelheight, modes): + pixelwidth, pixelheight, modes): return True @@ -107,6 +107,6 @@ class SSHDispatcher(asyncore.dispatcher): def ssh_main(): server_key = paramiko.RSAKey(file_obj=BytesIO(settings.SSH_SERVER_KEY)) - disp = SSHDispatcher(server_key) + SSHDispatcher(server_key) asyncore.loop() raise SystemError('SSH server loop exited') diff --git a/okupy/otp/__init__.py b/okupy/otp/__init__.py index 51c7f65..73f9078 100644 --- a/okupy/otp/__init__.py +++ b/okupy/otp/__init__.py @@ -7,6 +7,7 @@ from django_otp.middleware import OTPMiddleware from okupy.otp.sotp.models import SOTPDevice from okupy.otp.totp.models import TOTPDevice + def init_otp(request): """ Initialize OTP after login. This sets up OTP devices diff --git a/okupy/otp/sotp/models.py b/okupy/otp/sotp/models.py index d986928..181911d 100644 --- a/okupy/otp/sotp/models.py +++ b/okupy/otp/sotp/models.py @@ -34,7 +34,7 @@ class SOTPDevice(Device): """ Verify token against recovery keys. """ - u = LDAPUser.objects.get(username = self.user.username) + u = LDAPUser.objects.get(username=self.user.username) if token in u.otp_recovery_keys: u.otp_recovery_keys.remove(token) u.save() diff --git a/okupy/otp/totp/models.py b/okupy/otp/totp/models.py index 28afbf0..50e8328 100644 --- a/okupy/otp/totp/models.py +++ b/okupy/otp/totp/models.py @@ -59,10 +59,10 @@ class TOTPDevice(Device): past and future tokens to include clock drift. """ if not secret: - u = LDAPUser.objects.get(username = self.user.username) + u = LDAPUser.objects.get(username=self.user.username) if not u.otp_secret: return True - elif not token: # (we're just being probed) + elif not token: # (we're just being probed) return False secret = u.otp_secret diff --git a/okupy/tests/integration/__init__.py b/okupy/tests/integration/__init__.py index 8b13789..e69de29 100644 --- a/okupy/tests/integration/__init__.py +++ b/okupy/tests/integration/__init__.py @@ -1 +0,0 @@ - diff --git a/okupy/tests/integration/test_index.py b/okupy/tests/integration/test_index.py index ec5626f..e2c754e 100644 --- a/okupy/tests/integration/test_index.py +++ b/okupy/tests/integration/test_index.py @@ -1,14 +1,14 @@ # vim:fileencoding=utf8:et:ts=4:sts=4:sw=4:ft=python from django.conf import settings +from django.test import TestCase from django.test.client import Client from mockldap import MockLdap -from okupy.common.test_helpers import OkupyTestCase, ldap_users, set_search_seed from okupy.tests import vars -class IndexIntegrationTests(OkupyTestCase): +class IndexIntegrationTests(TestCase): @classmethod def setUpClass(cls): cls.mockldap = MockLdap(vars.DIRECTORY) @@ -26,7 +26,7 @@ class IndexIntegrationTests(OkupyTestCase): self.assertRedirects(response, '/login/?next=/') def test_index_page_uses_correct_template(self): - response = self.client.post('/login/', {'username': 'alice', 'password': 'ldaptest'}) + response = self.client.post('/login/', vars.LOGIN_ALICE) response = self.client.get('/') self.assertTemplateUsed(response, 'base.html') self.assertTemplateUsed(response, 'index.html') diff --git a/okupy/tests/integration/test_lists.py b/okupy/tests/integration/test_lists.py index d7b47cb..a9ad99e 100644 --- a/okupy/tests/integration/test_lists.py +++ b/okupy/tests/integration/test_lists.py @@ -2,14 +2,13 @@ from django.conf import settings from django.test import TestCase - from django.test.client import Client from mockldap import MockLdap -from okupy.common.test_helpers import ldap_users, set_search_seed from okupy.tests import vars + class ListsIntegrationTests(TestCase): @classmethod def setUpClass(cls): diff --git a/okupy/tests/integration/test_login.py b/okupy/tests/integration/test_login.py index eb35aa5..f30c742 100644 --- a/okupy/tests/integration/test_login.py +++ b/okupy/tests/integration/test_login.py @@ -6,7 +6,6 @@ from django.test.client import Client from mockldap import MockLdap -from okupy.common.test_helpers import ldap_users, set_search_seed from okupy.tests import vars @@ -56,5 +55,6 @@ class LoginIntegrationTests(TestCase): self.mockldap.start() def test_redirect_to_requested_page_after_login(self): - response = self.client.post('/login/?next=/otp-setup/', vars.LOGIN_ALICE) + response = self.client.post('/login/?next=/otp-setup/', + vars.LOGIN_ALICE) self.assertRedirects(response, '/otp-setup/', 302, 200) diff --git a/okupy/tests/integration/test_signup.py b/okupy/tests/integration/test_signup.py index 6deef91..86041b5 100644 --- a/okupy/tests/integration/test_signup.py +++ b/okupy/tests/integration/test_signup.py @@ -5,7 +5,6 @@ from django.test import TestCase from django.test.client import Client from mockldap import MockLdap -from okupy.accounts.models import LDAPUser from okupy.tests import vars diff --git a/okupy/tests/unit/test_lists.py b/okupy/tests/unit/test_lists.py index c05db38..b5d7006 100644 --- a/okupy/tests/unit/test_lists.py +++ b/okupy/tests/unit/test_lists.py @@ -34,7 +34,11 @@ class ListsUnitTests(OkupyTestCase): def test_rendered_devlist_page(self): request = set_request(uri='/devlist') response = lists(request, 'devlist') - page_part = '<tr>\n <td class="devname"><b>alice</b></td>\n <td>Alice Adams</td>\n <td><a href="http://maps.google.com/maps?q=City1, Country1">City1, Country1</a></td>\n <td class="tableinfo">kde, qt, cluster</td>\n </tr>' + page_part = '<tr>\n <td class="devname"><b>alice' + '</b></td>\n <td>Alice Adams</td>\n ' + '<td><a href="http://maps.google.com/maps?q=City1, Country1">' + 'City1, Country1</a></td>\n <td class="tableinfo">' + 'kde, qt, cluster</td>\n </tr>' self.assertIn(page_part, response.content) def test_former_devlist_url_resolves_to_lists_view(self): @@ -49,7 +53,11 @@ class ListsUnitTests(OkupyTestCase): def test_rendered_former_devlist_page(self): request = set_request(uri='/former-devlist') response = lists(request, 'former-devlist') - page_part = '<tr>\n <td class="devname"><b>john</b></td>\n <td>John Smith</td>\n <td><a href="http://maps.google.com/maps?q=City3, Country3">City3, Country3</a></td>\n <td class="tableinfo">kernel, security</td>\n </tr>' + page_part = '<tr>\n <td class="devname"><b>john' + '</b></td>\n <td>John Smith</td>\n ' + '<td><a href="http://maps.google.com/maps?q=City3, Country3">' + 'City3, Country3</a></td>\n <td class="tableinfo">' + 'kernel, security</td>\n </tr>' self.assertIn(page_part, response.content) def test_foundation_members_list_url_resolves_to_lists_view(self): @@ -64,5 +72,8 @@ class ListsUnitTests(OkupyTestCase): def test_rendered_foundation_members_page(self): request = set_request(uri='/foundation-members') response = lists(request, 'foundation-members') - page_part = '<tr>\n <td style="color:#5c4f85;"><b>bob</b></td>\n <td>Robert Barker</td>\n <td><a href="http://maps.google.com/maps?q=City2, Country2">City2, Country2</a></td>\n </tr>' + page_part = '<tr>\n <td style="color:#5c4f85;"><b>bob' + '</b></td>\n <td>Robert Barker</td>\n ' + '<td><a href="http://maps.google.com/maps?q=City2, Country2">' + 'City2, Country2</a></td>\n </tr>' self.assertIn(page_part, response.content) diff --git a/okupy/tests/unit/test_login.py b/okupy/tests/unit/test_login.py index 65e8d8d..b602d65 100644 --- a/okupy/tests/unit/test_login.py +++ b/okupy/tests/unit/test_login.py @@ -14,7 +14,8 @@ from mockldap import MockLdap from okupy.accounts.views import login, logout from okupy.accounts.forms import LoginForm -from okupy.common.test_helpers import OkupyTestCase, set_request, no_database, ldap_users +from okupy.common.test_helpers import (OkupyTestCase, set_request, no_database, + ldap_users) from okupy.crypto.ciphers import cipher from okupy.tests import vars @@ -32,13 +33,15 @@ class LoginUnitTests(OkupyTestCase): self.mockldap.stop() def test_incorrect_user_raises_login_failed(self): - request = set_request(uri='/login', post=vars.LOGIN_WRONG, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_WRONG, + messages=True) response = login(request) response.context = RequestContext(request) self.assertMessage(response, 'Login failed', 40) def test_incorrect_user_does_not_get_transferred_in_db(self): - request = set_request(uri='/login', post=vars.LOGIN_WRONG, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_WRONG, + messages=True) login(request) self.assertEqual(User.objects.count(), 0) @@ -47,21 +50,25 @@ class LoginUnitTests(OkupyTestCase): 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend')) def test_no_database_raises_critical(self): - request = set_request(uri='/login', post=vars.LOGIN_ALICE, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_ALICE, + messages=True) response = login(request) response.context = RequestContext(request) - self.assertMessage(response, "Can't contact the LDAP server or the database", 40) + self.assertMessage(response, + "Can't contact the LDAP server or the database", 40) @no_database() @override_settings(AUTHENTICATION_BACKENDS=( 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend')) def test_no_database_sends_notification_mail(self): - request = set_request(uri='/login', post=vars.LOGIN_ALICE, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_ALICE, + messages=True) response = login(request) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % settings.EMAIL_SUBJECT_PREFIX)) + self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % + settings.EMAIL_SUBJECT_PREFIX)) def test_correct_user_gets_transferred_in_db(self): request = set_request(uri='/login', post=vars.LOGIN_ALICE) @@ -77,17 +84,25 @@ class LoginUnitTests(OkupyTestCase): def test_secondary_password_is_added_in_login(self): request = set_request(uri='/login', post=vars.LOGIN_ALICE) login(request) - self.assertEqual(len(ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']), 2) + self.assertEqual(len(ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword']), 2) self.assertEqual(len(request.session['secondary_password']), 48) def test_secondary_password_is_removed_in_logout(self): secondary_password = Random.get_random_bytes(48) - secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode(secondary_password)) - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(secondary_password_crypt) - request = set_request(uri='/login', post=vars.LOGIN_ALICE, user=vars.USER_ALICE) - request.session['secondary_password'] = cipher.encrypt(secondary_password) + secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode( + secondary_password)) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(secondary_password_crypt) + request = set_request(uri='/login', post=vars.LOGIN_ALICE, + user=vars.USER_ALICE) + request.session['secondary_password'] = cipher.encrypt( + secondary_password) logout(request) - self.assertEqual(len(ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']), 1) + self.assertEqual(len(ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword']), 1) class LoginUnitTestsNoLDAP(OkupyTestCase): @@ -103,15 +118,19 @@ class LoginUnitTestsNoLDAP(OkupyTestCase): def test_rendered_login_form(self): request = set_request(uri='/login') response = login(request) - login_form_part = '<input id="id_username" maxlength="100" name="username" type="text" />' + login_form_part = '<input id="id_username" maxlength="100"' + 'name="username" type="text" />' self.assertIn(login_form_part, response.content) def test_empty_user_raises_form_error_messages(self): request = set_request(uri='/login') response = login(request) - response.context = RequestContext(request, {'login_form': LoginForm(request.POST)}) - self.assertFormError(response, 'login_form', 'username', 'This field is required.') - self.assertFormError(response, 'login_form', 'password', 'This field is required.') + response.context = RequestContext(request, { + 'login_form': LoginForm(request.POST)}) + self.assertFormError(response, 'login_form', 'username', + 'This field is required.') + self.assertFormError(response, 'login_form', 'password', + 'This field is required.') def test_empty_user_raises_login_failed(self): request = set_request(uri='/login', post=True, messages=True) @@ -126,14 +145,17 @@ class LoginUnitTestsNoLDAP(OkupyTestCase): self.assertMessage(response, 'Login failed', 40) def test_no_ldap_connection_raises_login_failed_in_login(self): - request = set_request(uri='/login', post=vars.LOGIN_WRONG, messages=True) + request = set_request(uri='/login', post=vars.LOGIN_WRONG, + messages=True) response = login(request) response.context = RequestContext(request) self.assertMessage(response, 'Login failed', 40) def test_no_ldap_connection_in_logout_sends_notification_mail(self): - request = set_request(uri='/login', post=vars.LOGIN_ALICE, user=vars.USER_ALICE) + request = set_request(uri='/login', post=vars.LOGIN_ALICE, + user=vars.USER_ALICE) request.session['secondary_password'] = 'test' logout(request) self.assertEqual(len(mail.outbox), 1) - self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % settings.EMAIL_SUBJECT_PREFIX)) + self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % + settings.EMAIL_SUBJECT_PREFIX)) diff --git a/okupy/tests/unit/test_openid.py b/okupy/tests/unit/test_openid.py index 478d9b9..0807a3d 100644 --- a/okupy/tests/unit/test_openid.py +++ b/okupy/tests/unit/test_openid.py @@ -8,12 +8,12 @@ import time class OpenIDStoreTests(TestCase): - def setUp(self): - self.store = DjangoDBOpenIDStore() + def setUp(self): + self.store = DjangoDBOpenIDStore() - def test_nonce_integrity(self): - nonce = ('http://example.com', time.time(), 'pepper') - # first one should succeed, the second one should fail because - # of reused nonce - self.assertTrue(self.store.useNonce(*nonce)) - self.assertFalse(self.store.useNonce(*nonce)) + def test_nonce_integrity(self): + nonce = ('http://example.com', time.time(), 'pepper') + # first one should succeed, the second one should fail because + # of reused nonce + self.assertTrue(self.store.useNonce(*nonce)) + self.assertFalse(self.store.useNonce(*nonce)) diff --git a/okupy/tests/unit/test_secondary_password.py b/okupy/tests/unit/test_secondary_password.py index ffe95dd..ff0a794 100644 --- a/okupy/tests/unit/test_secondary_password.py +++ b/okupy/tests/unit/test_secondary_password.py @@ -8,8 +8,9 @@ from Crypto import Random from mockldap import MockLdap from passlib.hash import ldap_md5_crypt -from okupy.common.ldap_helpers import set_secondary_password, remove_secondary_password -from okupy.common.test_helpers import set_request, set_search_seed, ldap_users +from okupy.common.ldap_helpers import (set_secondary_password, + remove_secondary_password) +from okupy.common.test_helpers import set_request, ldap_users from okupy.crypto.ciphers import cipher from okupy.tests import vars @@ -35,60 +36,89 @@ class SecondaryPassword(TestCase): request = set_request(uri='/', user=vars.USER_ALICE) self.assertEqual(len(ldap_users('alice')[1]['userPassword']), 1) set_secondary_password(request, 'ldaptest') - self.assertEqual(len(ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']), 2) + self.assertEqual(len(ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword']), 2) def test_remove_leftovers_before_adding_secondary_password(self): leftover = ldap_md5_crypt.encrypt('leftover_password') - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(leftover) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(leftover) request = set_request(uri='/', user=vars.USER_ALICE) set_secondary_password(request, 'ldaptest') - self.assertNotIn(leftover, ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']) + self.assertNotIn(leftover, ldap_users( + 'alice', directory=self.ldapobject.directory)[1]['userPassword']) def test_dont_remove_primary_password_while_cleaning_leftovers(self): leftover = ldap_md5_crypt.encrypt('leftover_password') - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(leftover) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(leftover) request = set_request(uri='/', user=vars.USER_ALICE) set_secondary_password(request, 'ldaptest') - self.assertTrue(ldap_md5_crypt.verify('ldaptest', ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword'][0])) + self.assertTrue(ldap_md5_crypt.verify( + 'ldaptest', ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword'][0])) def test_dont_remove_unknown_hashes_while_cleaning_leftovers(self): leftover = ldap_md5_crypt.encrypt('leftover_password') - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(leftover) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(leftover) leftover2 = 'plain_leftover2' - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(leftover2) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(leftover2) request = set_request(uri='/', user=vars.USER_ALICE) set_secondary_password(request, 'ldaptest') - self.assertIn(leftover2, ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']) + self.assertIn(leftover2, ldap_users( + 'alice', directory=self.ldapobject.directory)[1]['userPassword']) def test_session_and_ldap_secondary_passwords_match(self): request = set_request(uri='/', user=vars.USER_ALICE) set_secondary_password(request, 'ldaptest') - self.assertTrue(ldap_md5_crypt.verify(b64encode(cipher.decrypt(request.session['secondary_password'], 48)), ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword'][1])) + self.assertTrue(ldap_md5_crypt.verify(b64encode(cipher.decrypt( + request.session['secondary_password'], 48)), + ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword'][1])) def test_remove_secondary_password_from_ldap(self): secondary_password = Random.get_random_bytes(48) - secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode(secondary_password)) - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(secondary_password_crypt) + secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode( + secondary_password)) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(secondary_password_crypt) request = set_request(uri='/', user=vars.USER_ALICE) - request.session['secondary_password'] = cipher.encrypt(secondary_password) + request.session['secondary_password'] = cipher.encrypt( + secondary_password) remove_secondary_password(request) - self.assertNotIn(secondary_password_crypt, ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']) + self.assertNotIn(secondary_password_crypt, ldap_users( + 'alice', directory=self.ldapobject.directory)[1]['userPassword']) - def test_dont_remove_primary_password_while_removing_secondary_password(self): + def test_dont_remove_primary_password_when_removing_secondary_passwd(self): secondary_password = Random.get_random_bytes(48) - secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode(secondary_password)) - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(secondary_password_crypt) + secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode( + secondary_password)) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(secondary_password_crypt) request = set_request(uri='/', user=vars.USER_ALICE) - request.session['secondary_password'] = cipher.encrypt(secondary_password) + request.session['secondary_password'] = cipher.encrypt( + secondary_password) remove_secondary_password(request) - self.assertTrue(ldap_md5_crypt.verify('ldaptest', ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword'][0])) + self.assertTrue(ldap_md5_crypt.verify('ldaptest', ldap_users( + 'alice', + directory=self.ldapobject.directory)[1]['userPassword'][0])) - def test_dont_remove_unknown_hashes_while_removing_secondary_password(self): + def test_dont_remove_unknown_hashes_when_removing_secondary_password(self): secondary_password = Random.get_random_bytes(48) - secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode(secondary_password)) - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append('unknown_hash') - self.ldapobject.directory[ldap_users('alice')[0]]['userPassword'].append(secondary_password_crypt) + secondary_password_crypt = ldap_md5_crypt.encrypt(b64encode( + secondary_password)) + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append('unknown_hash') + self.ldapobject.directory[ldap_users('alice')[0]][ + 'userPassword'].append(secondary_password_crypt) request = set_request(uri='/', user=vars.USER_ALICE) - request.session['secondary_password'] = cipher.encrypt(secondary_password) + request.session['secondary_password'] = cipher.encrypt( + secondary_password) remove_secondary_password(request) - self.assertIn('unknown_hash', ldap_users('alice', directory=self.ldapobject.directory)[1]['userPassword']) + self.assertIn('unknown_hash', ldap_users( + 'alice', directory=self.ldapobject.directory)[1]['userPassword']) diff --git a/okupy/tests/unit/test_signup.py b/okupy/tests/unit/test_signup.py index da741ae..459e3f8 100644 --- a/okupy/tests/unit/test_signup.py +++ b/okupy/tests/unit/test_signup.py @@ -9,9 +9,10 @@ from mockldap import MockLdap from passlib.hash import ldap_md5_crypt from okupy.accounts.forms import SignupForm -from okupy.accounts.models import LDAPUser, Queue +from okupy.accounts.models import Queue from okupy.accounts.views import signup, activate -from okupy.common.test_helpers import OkupyTestCase, set_request, ldap_users, no_database +from okupy.common.test_helpers import (OkupyTestCase, set_request, ldap_users, + no_database) from okupy.tests import vars @@ -50,7 +51,8 @@ class SignupUnitTests(OkupyTestCase): request = set_request(uri='/signup', post=_form, messages=True) response = signup(request) response.context = RequestContext(request) - self.assertMessage(response, 'Account is already pending activation', 40) + self.assertMessage(response, + 'Account is already pending activation', 40) def test_email_already_pending_activation(self): _form = vars.SIGNUP_TESTUSER.copy() @@ -59,7 +61,8 @@ class SignupUnitTests(OkupyTestCase): request = set_request(uri='/signup', post=_form, messages=True) response = signup(request) response.context = RequestContext(request) - self.assertMessage(response, 'Account is already pending activation', 40) + self.assertMessage(response, + 'Account is already pending activation', 40) def test_add_queued_account_to_ldap_prints_success_message(self): vars.QUEUEDUSER.save() @@ -67,26 +70,35 @@ class SignupUnitTests(OkupyTestCase): request = set_request(uri=activate_url, messages=True) response = activate(request, vars.QUEUEDUSER.encrypted_id) response.context = RequestContext(request) - self.assertMessage(response, 'Your account has been activated successfully', 25) + self.assertMessage(response, + 'Your account has been activated successfully', 25) def test_queued_account_gets_added_to_ldap(self): vars.QUEUEDUSER.save() activate_url = '/activate/%s/' % vars.QUEUEDUSER.encrypted_id request = set_request(activate_url, messages=True) activate(request, vars.QUEUEDUSER.encrypted_id) - self.assertTrue(ldap_users(vars.QUEUEDUSER.username, directory=self.ldapobject.directory)) - ldap_account = ldap_users(vars.QUEUEDUSER.username, directory=self.ldapobject.directory)[1] - self.assertEqual(ldap_account['objectClass'], settings.AUTH_LDAP_USER_OBJECTCLASS) + self.assertTrue(ldap_users(vars.QUEUEDUSER.username, + directory=self.ldapobject.directory)) + ldap_account = ldap_users(vars.QUEUEDUSER.username, + directory=self.ldapobject.directory)[1] + self.assertEqual(ldap_account['objectClass'], + settings.AUTH_LDAP_USER_OBJECTCLASS) self.assertEqual(ldap_account['sn'][0], vars.QUEUEDUSER.last_name) - self.assertEqual(ldap_account['cn'][0], '%s %s' % (vars.QUEUEDUSER.first_name, vars.QUEUEDUSER.last_name)) - self.assertTrue(ldap_md5_crypt.verify(vars.QUEUEDUSER.password, ldap_account['userPassword'][0])) - self.assertEqual(ldap_account['givenName'][0], vars.QUEUEDUSER.first_name) + self.assertEqual(ldap_account['cn'][0], '%s %s' % ( + vars.QUEUEDUSER.first_name, vars.QUEUEDUSER.last_name)) + self.assertTrue(ldap_md5_crypt.verify(vars.QUEUEDUSER.password, + ldap_account['userPassword'][0])) + self.assertEqual(ldap_account['givenName'][0], + vars.QUEUEDUSER.first_name) self.assertEqual(ldap_account['mail'][0], vars.QUEUEDUSER.email) self.assertEqual(ldap_account['uid'][0], vars.QUEUEDUSER.username) self.assertEqual(ldap_account['uidNumber'][0], '1002') self.assertEqual(ldap_account['gidNumber'][0], '100') - self.assertEqual(ldap_account['gecos'][0], '%s %s' % (vars.QUEUEDUSER.first_name, vars.QUEUEDUSER.last_name)) - self.assertEqual(ldap_account['homeDirectory'][0], '/home/%s' % vars.QUEUEDUSER.username) + self.assertEqual(ldap_account['gecos'][0], '%s %s' % ( + vars.QUEUEDUSER.first_name, vars.QUEUEDUSER.last_name)) + self.assertEqual(ldap_account['homeDirectory'][0], + '/home/%s' % vars.QUEUEDUSER.username) self.assertEqual(ldap_account['gentooACL'][0], 'user.group') def test_add_queued_account_remove_from_queue(self): @@ -97,46 +109,59 @@ class SignupUnitTests(OkupyTestCase): self.assertEqual(Queue.objects.count(), 0) def test_valid_data_to_signup_form_prints_info_message(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) - self.assertMessage(response, 'You will shortly receive an activation mail', 20) + self.assertMessage(response, + 'You will shortly receive an activation mail', 20) def test_valid_data_to_signup_form_sends_activation_mail(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertEqual(mail.outbox[0].subject, '%sAccount Activation' % settings.EMAIL_SUBJECT_PREFIX) + self.assertEqual(mail.outbox[0].subject, '%sAccount Activation' % + settings.EMAIL_SUBJECT_PREFIX) def test_valid_data_to_signup_form_adds_user_to_queue(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertEqual(Queue.objects.count(), 1) vars.QUEUEDUSER = Queue.objects.get(pk=1) - self.assertEqual(vars.QUEUEDUSER.username, vars.SIGNUP_TESTUSER['username']) - self.assertEqual(vars.QUEUEDUSER.first_name, vars.SIGNUP_TESTUSER['first_name']) - self.assertEqual(vars.QUEUEDUSER.last_name, vars.SIGNUP_TESTUSER['last_name']) + self.assertEqual(vars.QUEUEDUSER.username, + vars.SIGNUP_TESTUSER['username']) + self.assertEqual(vars.QUEUEDUSER.first_name, + vars.SIGNUP_TESTUSER['first_name']) + self.assertEqual(vars.QUEUEDUSER.last_name, + vars.SIGNUP_TESTUSER['last_name']) self.assertEqual(vars.QUEUEDUSER.email, vars.SIGNUP_TESTUSER['email']) - self.assertEqual(vars.QUEUEDUSER.password, vars.SIGNUP_TESTUSER['password_origin']) + self.assertEqual(vars.QUEUEDUSER.password, + vars.SIGNUP_TESTUSER['password_origin']) # note: this needs to be kept in line with used cipher - self.assertRegexpMatches(vars.QUEUEDUSER.encrypted_id, '^[a-zA-Z0-9_-]{22}$') + self.assertRegexpMatches(vars.QUEUEDUSER.encrypted_id, + '^[a-zA-Z0-9_-]{22}$') @no_database() def test_no_database_connection_raises_error_in_signup(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertMessage(response, "Can't contact the database", 40) @no_database() def test_no_database_connection_sends_notification_mail_in_signup(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % settings.EMAIL_SUBJECT_PREFIX)) + self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % + settings.EMAIL_SUBJECT_PREFIX)) @no_database() def test_no_database_connection_raises_error_in_activation(self): @@ -146,11 +171,12 @@ class SignupUnitTests(OkupyTestCase): self.assertMessage(response, "Can't contact the database", 40) @no_database() - def test_no_database_connection_sends_notification_mail_in_activation(self): + def test_no_database_connection_sends_notificationmail_in_activation(self): request = set_request('/activate/test', messages=True) activate(request, vars.QUEUEDUSER.encrypted_id) self.assertEqual(len(mail.outbox), 1) - self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % settings.EMAIL_SUBJECT_PREFIX)) + self.assertTrue(mail.outbox[0].subject.startswith('%sERROR:' % + settings.EMAIL_SUBJECT_PREFIX)) def test_add_first_user_in_empty_ldap_directory(self): vars.QUEUEDUSER.save() @@ -158,8 +184,11 @@ class SignupUnitTests(OkupyTestCase): self.ldapobject.directory = ldap_users(clean=True) request = set_request(activate_url, messages=True) activate(request, vars.QUEUEDUSER.encrypted_id) - self.assertTrue(ldap_users(vars.QUEUEDUSER.username, directory=self.ldapobject.directory)) - self.assertEqual(ldap_users(vars.QUEUEDUSER.username, directory=self.ldapobject.directory)[1]['uidNumber'][0], '1') + self.assertTrue(ldap_users(vars.QUEUEDUSER.username, + directory=self.ldapobject.directory)) + self.assertEqual(ldap_users( + vars.QUEUEDUSER.username, + directory=self.ldapobject.directory)[1]['uidNumber'][0], '1') class SignupunitTestsNoLDAP(OkupyTestCase): @@ -175,27 +204,38 @@ class SignupunitTestsNoLDAP(OkupyTestCase): def test_rendered_signup_form(self): request = set_request(uri='/signup') response = signup(request) - signup_form_part = '<label for="id_first_name">First Name:</label><input id="id_first_name" maxlength="100" name="first_name" type="text" />' + signup_form_part = '<label for="id_first_name">First Name:</label>' + '<input id="id_first_name" maxlength="100" name="first_name"' + 'type="text" />' self.assertIn(signup_form_part, response.content) def test_empty_signup_form_raises_form_error_messages(self): request = set_request(uri='/signup') response = signup(request) - response.context = RequestContext(request, {'signup_form': SignupForm(request.POST)}) - self.assertFormError(response, 'signup_form', 'username', 'This field is required.') - self.assertFormError(response, 'signup_form', 'first_name', 'This field is required.') - self.assertFormError(response, 'signup_form', 'last_name', 'This field is required.') - self.assertFormError(response, 'signup_form', 'email', 'This field is required.') - self.assertFormError(response, 'signup_form', 'password_origin', 'This field is required.') - self.assertFormError(response, 'signup_form', 'password_verify', 'This field is required.') + response.context = RequestContext(request, {'signup_form': + SignupForm(request.POST)}) + self.assertFormError(response, 'signup_form', 'username', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'first_name', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'last_name', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'email', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'password_origin', + 'This field is required.') + self.assertFormError(response, 'signup_form', 'password_verify', + 'This field is required.') def test_passwords_dont_match(self): _form = vars.SIGNUP_TESTUSER.copy() _form['password_verify'] = 'wrong' request = set_request(uri='/signup', post=_form) response = signup(request) - response.context = RequestContext(request, {'signup_form': SignupForm(request.POST)}) - self.assertFormError(response, 'signup_form', 'password_verify', "Passwords don't match") + response.context = RequestContext(request, {'signup_form': + SignupForm(request.POST)}) + self.assertFormError(response, 'signup_form', 'password_verify', + "Passwords don't match") def test_wrong_activaltion_link_raises_invalid_url(self): request = set_request(uri='/activate/invalidurl', messages=True) @@ -204,17 +244,22 @@ class SignupunitTestsNoLDAP(OkupyTestCase): self.assertMessage(response, 'Invalid URL', 40) def test_no_ldap_connection_raises_error_in_signup(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertMessage(response, "Can't contact LDAP server", 40) def test_no_ldap_connection_sends_notification_mail_in_signup(self): - request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, messages=True) + request = set_request(uri='/signup', post=vars.SIGNUP_TESTUSER, + messages=True) response = signup(request) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertEqual(mail.outbox[0].subject, '%sERROR: {\'desc\': "Can\'t contact LDAP server"}' % settings.EMAIL_SUBJECT_PREFIX) + self.assertEqual( + mail.outbox[0].subject, + '%sERROR: {\'desc\': "Can\'t contact LDAP server"}' % + settings.EMAIL_SUBJECT_PREFIX) def test_no_ldap_connection_raises_error_in_activation(self): vars.QUEUEDUSER.save() @@ -231,4 +276,7 @@ class SignupunitTestsNoLDAP(OkupyTestCase): response = activate(request, vars.QUEUEDUSER.encrypted_id) response.context = RequestContext(request) self.assertEqual(len(mail.outbox), 1) - self.assertEqual(mail.outbox[0].subject, '%sERROR: {\'desc\': "Can\'t contact LDAP server"}' % settings.EMAIL_SUBJECT_PREFIX) + self.assertEqual( + mail.outbox[0].subject, + '%sERROR: {\'desc\': "Can\'t contact LDAP server"}' % + settings.EMAIL_SUBJECT_PREFIX) diff --git a/okupy/tests/unit/test_ssh.py b/okupy/tests/unit/test_ssh.py index 2c00949..cc4c029 100644 --- a/okupy/tests/unit/test_ssh.py +++ b/okupy/tests/unit/test_ssh.py @@ -6,7 +6,6 @@ from django.test.utils import override_settings import base64 import socket - import paramiko from okupy import OkupyError @@ -104,8 +103,8 @@ class SSHUnitTests(TestCase): def onearg(key): raise TypeError - self.assertRaises(TypeError, - self._server.check_auth_publickey, 'onearg', self._key) + self.assertRaises( + TypeError, self._server.check_auth_publickey, 'onearg', self._key) def test_result_caching_works(self): class Cache(object): @@ -120,6 +119,7 @@ class SSHUnitTests(TestCase): return None cache = Cache() + @ssh_handler def cached(key): return cache(key) @@ -170,6 +170,7 @@ class SSHUnitTests(TestCase): return None cache = Cache() + @ssh_handler def cached(key): return cache(key) diff --git a/okupy/tests/vars.py b/okupy/tests/vars.py index afe5062..8f3645c 100644 --- a/okupy/tests/vars.py +++ b/okupy/tests/vars.py @@ -32,7 +32,15 @@ DIRECTORY = { "gentooRoles": ["kde, qt, cluster"], "gentooLocation": ["City1, Country1"], "gentooACL": ["user.group", "developer.group"], - "sshPublicKey": ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCbtxfr9vRO4xkDuUnsu02rL7BtBiABADkWdugnMxRAV6nKokitytgLGDhjY6iB8C87K8mCxz/ksMO+uct/lUEHMf1M2P1rPEStrJoXQuTXQbtVl7iF5cySbXhtd7Nu7DcXe1cIynVkbFosB2mznr8Db3633DnEslppUGvHdjHYoCAWsjv5juHESkBy62HhYgc1ZoGFj6ilrJhOdHs2ji2YBHJXPG2sB3uQleY5/KfAeSwESBH7D36VqRXf22Ya0nExnVh3h9jtzZmwIll35VHH/G9NmTmW/8lpl7BGV7fx10tByfvSLrQg2ZniiY3SfXdbraVm/FEuJ9+X81jpNQDd", "invalid-key-too-short", "ssh-rsa $$$INVALID%", "invalid-key-type AAAA=="], + "sshPublicKey": ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCbtxfr9vRO4xkD" + "uUnsu02rL7BtBiABADkWdugnMxRAV6nKokitytgLGDhjY6iB8C87" + "K8mCxz/ksMO+uct/lUEHMf1M2P1rPEStrJoXQuTXQbtVl7iF5cyS" + "bXhtd7Nu7DcXe1cIynVkbFosB2mznr8Db3633DnEslppUGvHdjHY" + "oCAWsjv5juHESkBy62HhYgc1ZoGFj6ilrJhOdHs2ji2YBHJXPG2s" + "B3uQleY5/KfAeSwESBH7D36VqRXf22Ya0nExnVh3h9jtzZmwIll3" + "5VHH/G9NmTmW/8lpl7BGV7fx10tByfvSLrQg2ZniiY3SfXdbraVm" + "/FEuJ9+X81jpNQDd", "invalid-key-too-short", + "ssh-rsa $$$INVALID%", "invalid-key-type AAAA=="], }, "uid=bob,ou=people,o=test": { "uid": ["bob"], @@ -47,7 +55,27 @@ DIRECTORY = { "gentoRoles": ["nothing"], "gentooLocation": ["City2, Country2"], "gentooACL": ["user.group", "foundation.group"], - "sshPublicKey": ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUSOgwQ6uljefD9BiwhiGzRGn+sg7D3AKcqU8PWrB+p74n9GBIccc/iSuG458iid08FvUqHjY0RLwMQADND7NOGaEEW0NXbyblA6xZhZu6BgnFC4LZBHy5eok+sWIZddAgT8qAYXMW8GYzUZSPchtOFbMkyzaQlWYkjx1Z0usOdnl/QRPuabFTQjWtJ+lw8hrPydl1ZYP+FIUZy9NU/SxC2qgufmh3+nTzfnfQgupfQc6I9lXNR98vm/t5saVsuQReIIc4sR3mOmT5AnH6uCyjRBKnxq8ndcInfGagwpcx80o6+/V0QNIdr5NP1jRiXDbc/BT8NP/X4mWIpJNEIujj bob@example.com", "ssh-dss AAAAB3NzaC1kc3MAAACBAOpXehglYVU5efZoBGrRKHcsQvlS4jDAFGgsqNRQwM4F7anFIhaEYxs8REEhKNOUXEalFCUegtBxgKjvNRH+MBMJ5o6BAsDuTobwhFS7imcj5JO7QA6kfyNokNkULbqCOfmS9xmFozj2bk0zpKcvW54Zf91dHHT+NsmAXrcIw1onAAAAFQDLARFN4O0wquVKl/XGItngEeQGdwAAAIEAtTP8JkR9XZHkqb0s/uRA+2Wh9uOipc1+IgJn+UX15or2/zuudcG5loaVpDepuLuzhjrn/BZwj1GAncv/AFo4YraATU77HxNEXstHwkf5K8FaJ2f/6bVs7i/P9NS9rXys+HdOiPmAbvv9Hm69jw/Xbwnz752O7gvSNJPWjrC2460AAACBAItwlTJ2aUD7BSgjgaqGOrjUamnIMOi833RCc2XN9F9aY2z8DNr3O7KN5qzTUuLU4ltQbBO9Ct5CZmx785COTkJMXjoYVC7ObfKc8T0xB1FZzf7bIaqcC0dDmfrCzmcQdOTIJvKNlniRBG1XAQ7lf7YvX0We+C14oVU2FhyueoEe", "invalid-key-too-short", "ssh-rsa $$$INVALID%", "invalid-key-type AAAA=="], + "sshPublicKey": ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUSOgwQ6uljefD" + "9BiwhiGzRGn+sg7D3AKcqU8PWrB+p74n9GBIccc/iSuG458iid08" + "FvUqHjY0RLwMQADND7NOGaEEW0NXbyblA6xZhZu6BgnFC4LZBHy5" + "eok+sWIZddAgT8qAYXMW8GYzUZSPchtOFbMkyzaQlWYkjx1Z0usO" + "dnl/QRPuabFTQjWtJ+lw8hrPydl1ZYP+FIUZy9NU/SxC2qgufmh3" + "+nTzfnfQgupfQc6I9lXNR98vm/t5saVsuQReIIc4sR3mOmT5AnH6" + "uCyjRBKnxq8ndcInfGagwpcx80o6+/V0QNIdr5NP1jRiXDbc/BT8" + "NP/X4mWIpJNEIujj bob@example.com", + "ssh-dss AAAAB3NzaC1kc3MAAACBAOpXehglYVU5efZoBGrRKHcs" + "QvlS4jDAFGgsqNRQwM4F7anFIhaEYxs8REEhKNOUXEalFCUegtBx" + "gKjvNRH+MBMJ5o6BAsDuTobwhFS7imcj5JO7QA6kfyNokNkULbqC" + "OfmS9xmFozj2bk0zpKcvW54Zf91dHHT+NsmAXrcIw1onAAAAFQDL" + "ARFN4O0wquVKl/XGItngEeQGdwAAAIEAtTP8JkR9XZHkqb0s/uRA" + "+2Wh9uOipc1+IgJn+UX15or2/zuudcG5loaVpDepuLuzhjrn/BZw" + "j1GAncv/AFo4YraATU77HxNEXstHwkf5K8FaJ2f/6bVs7i/P9NS9" + "rXys+HdOiPmAbvv9Hm69jw/Xbwnz752O7gvSNJPWjrC2460AAACB" + "AItwlTJ2aUD7BSgjgaqGOrjUamnIMOi833RCc2XN9F9aY2z8DNr3" + "O7KN5qzTUuLU4ltQbBO9Ct5CZmx785COTkJMXjoYVC7ObfKc8T0x" + "B1FZzf7bIaqcC0dDmfrCzmcQdOTIJvKNlniRBG1XAQ7lf7YvX0We" + "+C14oVU2FhyueoEe", "invalid-key-too-short", + "ssh-rsa $$$INVALID%", "invalid-key-type AAAA=="], }, "uid=jack,ou=people,o=test": { "uid": ["jack"], @@ -150,4 +178,6 @@ vj3k/SSqj6qjnxryY6QSKWOTRbKhwmRHrrsFRuR2rCZWYZUJ6ohCDYrwVKvs7i2R VNG3Q7+oqLajmyDfZmHkENQ0rCdc -----END CERTIFICATE-----''' -TEST_SSH_KEY_FOR_NO_USER = 'AAAAB3NzaC1yc2EAAAADAQABAAAAYQCXMUpwxMi/01Th94+pP9r3bPGOEejSic7eH1VXHnqHPRFh9rOenSbhWLXwCUcM+0ZMoLmkJ3gMz3IKq2HTJfEwBcW/v/cm5b2lT6biO0u9Q5br4KosNhrvJBZ0f6trkCk=' +TEST_SSH_KEY_FOR_NO_USER = '''AAAAB3NzaC1yc2EAAAADAQABAAAAYQCXMUp +wxMi/01Th94+pP9r3bPGOEejSic7eH1VXHnqHPRFh9rOenSbhWLXwCUcM+0ZMoLmk +J3gMz3IKq2HTJfEwBcW/v/cm5b2lT6biO0u9Q5br4KosNhrvJBZ0f6trkCk=''' diff --git a/okupy/urls.py b/okupy/urls.py index 8b10849..0a9a7d8 100644 --- a/okupy/urls.py +++ b/okupy/urls.py @@ -3,6 +3,7 @@ from django.conf.urls import patterns, include from okupy.accounts.urls import accounts_urlpatterns -urlpatterns = patterns('', +urlpatterns = patterns( + '', (r'^', include(accounts_urlpatterns)), ) diff --git a/okupy/wsgi.py b/okupy/wsgi.py index e2c657e..1bc6d03 100644 --- a/okupy/wsgi.py +++ b/okupy/wsgi.py @@ -45,7 +45,6 @@ else: from django.utils import autoreload # autodiscover SSH handlers - import okupy.accounts.ssh from okupy.common.ssh import ssh_main import Crypto.Random |